5c3887
__ntapi_acl_init_common_descriptor(): disallow inheritance of parent ACEs.
@@ -63,7 +63,7 @@ void __stdcall __ntapi_acl_init_common_descriptor(
|
|
63
63
|
/* sd header */
|
64
64
|
sd->sd.revision = 1;
|
65
65
|
sd->sd.sbz_1st = 0;
|
66
|
-
sd->sd.control = NT_SE_SELF_RELATIVE | NT_SE_DACL_PRESENT;
|
66
|
+
sd->sd.control = NT_SE_SELF_RELATIVE | NT_SE_DACL_PRESENT | NT_SE_DACL_PROTECTED;
|
67
67
|
sd->sd.offset_owner = __offsetof(nt_sd_common_buffer,owner);
|
68
68
|
sd->sd.offset_group = 0;
|
69
69
|
sd->sd.offset_dacl = __offsetof(nt_sd_common_buffer,dacl);
|