SetSecurityDescriptorDacl (advapi32)
Last changed: -81.95.21.122
.
Summary
Sets information in a discretionary access control list (DACL)

C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
static extern bool SetSecurityDescriptorDacl(ref SECURITY_DESCRIPTOR sd, bool daclPresent, IntPtr dacl, bool daclDefaulted);

VB Signature:

<DllImportAttribute("advapi32.dll", EntryPoint:="SetSecurityDescriptorDacl")>

Private Shared Function SetSecurityDescriptorDacl(ByRef pSecurityDescriptor As SECURITY_DESCRIPTOR, <MarshalAsAttribute(UnmanagedType.Bool)> ByVal bDaclPresent As Boolean, <InAttribute()> ByVal pDacl As System.IntPtr, <MarshalAsAttribute(UnmanagedType.Bool)> ByVal bDaclDefaulted As Boolean) As UInteger

End Function

User-Defined Types:

SECURITY_DESCRIPTOR

Alternative Managed API:

Do you know one? Please contribute it!

Notes:

None.

Tips & Tricks:

Please add some!

Sample Code:

// Initialize the security descriptor structure
SECURITY_DESCRIPTOR securityDesc = new SECURITY_DESCRIPTOR();
InitializeSecurityDescriptor(out securityDesc, 1);
SetSecurityDescriptorDacl(ref securityDesc, true, IntPtr.Zero, false);

Set DACL from SDDL:

public class SomeClass
     {
     [DllImport("Advapi32.dll", SetLastError = true)]
     static extern void SetFileSecurity(string path, int type_of_sd, IntPtr sd);
     [DllImport("Advapi32.dll", SetLastError = true)]
     static extern bool ConvertStringSecurityDescriptorToSecurityDescriptor(string StringSecurityDescriptor, uint StringSDRevision, out IntPtr SecurityDescriptor, out UIntPtr SecurityDescriptorSize);
     private static void Main()
     {
     string path = @"C:\Some\path\to\file";
     string sddl = "D:AI(A;ID;FA;;;S-1-1-0)"; // set only one ACE: inherited full access to Everyone
     uint sd_revision = 1;  // the only revision of SECURITY_DESCRIPTOR
     int DACL_SECURITY_INFORMATION = 4; // can be changed to change other properties, not DACL, relying on SECURITY_DESCRIPTOR_CONTROL parameters https://msdn.microsoft.com/ru-ru/library/windows/desktop/aa379566%28v=vs.85%29.aspx
     IntPtr sd_ptr = new IntPtr();
     UIntPtr sd_size_ptr = new UIntPtr();
     var abc = ConvertStringSecurityDescriptorToSecurityDescriptor(sddl, sd_revision, out sd_ptr, out sd_size_ptr);
     SetFileSecurity(path, DACL_SECURITY_INFORMATION, sd_ptr);
     }
     }

Documentation
SetSecurityDescriptorDacl on MSDN