Geoff Chappell - Software Analyst
SKETCH OF HOW RESEARCH MIGHT CONTINUE AND RESULTS BE PRESENTED
The OB_SECURITY_METHOD type is a pointer to a routine that can be defined for all objects of the same type. The routine is specified as the SecurityProcedure member of the OBJECT_TYPE_INITIALIZER structure when creating the object type. The pointer is then retained in that structure, which is nested in the OBJECT_TYPE structure.
The modern declaration dates from version 6.0:
typedef
NTSTATUS
(*OB_SECURITY_METHOD) (
    PVOID Object,
    SECURITY_OPERATION_CODE OperationCode,
    SECURITY_INFORMATION *SecurityInformation,
    PSECURITY_DESCRIPTOR SecurityDescriptor,
    ULONG *CapturedLength,
    PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
    POOL_TYPE PoolType,
    GENERIC_MAPPING *GenericMapping,
    KPROCESSOR_MODE Mode);
In versions 5.1 to 5.2, the function has one fewer argument:
typedef
NTSTATUS
(*OB_SECURITY_METHOD) (
    PVOID Object,
    SECURITY_OPERATION_CODE OperationCode,
    SECURITY_INFORMATION *SecurityInformation,
    PSECURITY_DESCRIPTOR SecurityDescriptor,
    ULONG *CapturedLength,
    PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
    POOL_TYPE PoolType,
    GENERIC_MAPPING *GenericMapping);
In earlier versions, two of the arguments (OperationCode and PoolType) are not yet formally defined as enumerations:
typedef
NTSTATUS
(*OB_SECURITY_METHOD) (
    PVOID Object,
    INT OperationCode,
    SECURITY_INFORMATION *SecurityInformation,
    PSECURITY_DESCRIPTOR SecurityDescriptor,
    ULONG *CapturedLength,
    PSECURITY_DESCRIPTOR *ObjectsSecurityDescriptor,
    INT PoolType,
    GENERIC_MAPPING *GenericMapping);