我正在尝试在 cpp 中为 LOCAL_SYSTEM 创建安全描述符。引用代码 创建安全描述符
示例告诉如何为每个人和管理员创建,但我试图创建 LOCAL_SYSTEM 但失败了。
SID_IDENTIFIER_AUTHORITY SIDLocalSystem = SECURITY_LOCAL_SID_AUTHORITY;
SECURITY_ATTRIBUTES sa;
HKEY hkSub = NULL;
HKEY hRegKey = NULL;
bool bRet = false;
// Create a well-known SID for the Everyone group.
if (!AllocateAndInitializeSid(&SIDAuthWorld, 1,
/*SECURITY_WORLD_RID*/SECURITY_LOCAL_SYSTEM_RID,
0, 0, 0, 0, 0, 0, 0,
&SIDLocalSystem))
{
WcaLog(LOGMSG_STANDARD, "AllocateAndInitializeSid Error %u", GetLastError());
goto exit;
}
// Initialize an EXPLICIT_ACCESS structure for an ACE.
// The ACE will allow Everyone read access to the key.
ZeroMemory(&ea, 2 * sizeof(EXPLICIT_ACCESS));
ea[0].grfAccessPermissions = KEY_ALL_ACCESS;
ea[0].grfAccessMode = SET_ACCESS;
ea[0].grfInheritance = NO_INHERITANCE;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_USER;
ea[0].Trustee.ptstrName = (LPTSTR)SIDLocalSystem;
不知何故导致设置未知的 SID