5c3887 __ntapi_acl_init_common_descriptor(): disallow inheritance of parent ACEs.

Authored and Committed by midipix 6 years ago
    __ntapi_acl_init_common_descriptor(): disallow inheritance of parent ACEs.
    
        
file modified
+1 -1
src/acl/ntapi_acl_helper.c CHANGED
@@ -63,7 +63,7 @@ void __stdcall __ntapi_acl_init_common_descriptor(
63
63
/* sd header */
64
64
sd->sd.revision = 1;
65
65
sd->sd.sbz_1st = 0;
66
- sd->sd.control = NT_SE_SELF_RELATIVE | NT_SE_DACL_PRESENT;
66
+ sd->sd.control = NT_SE_SELF_RELATIVE | NT_SE_DACL_PRESENT | NT_SE_DACL_PROTECTED;
67
67
sd->sd.offset_owner = __offsetof(nt_sd_common_buffer,owner);
68
68
sd->sd.offset_group = 0;
69
69
sd->sd.offset_dacl = __offsetof(nt_sd_common_buffer,dacl);