NtQuerySecurityObject - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
#ifndef _NTOBAPI_H
// Objects, handles
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSCALLAPI
NTSTATUS
NTAPI
NtQuerySecurityObject(
    _In_ HANDLE Handle,
    _In_ SECURITY_INFORMATION SecurityInformation,
    _Out_writes_bytes_to_opt_(Length, *LengthNeeded) PSECURITY_DESCRIPTOR SecurityDescriptor,
    _In_ ULONG Length,
    _Out_ PULONG LengthNeeded
    );

#endif
#endif

View code on GitHub
#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwQuerySecurityObject(
    _In_ HANDLE Handle,
    _In_ SECURITY_INFORMATION SecurityInformation,
    _Out_writes_bytes_to_opt_(Length, *LengthNeeded) PSECURITY_DESCRIPTOR SecurityDescriptor,
    _In_ ULONG Length,
    _Out_ PULONG LengthNeeded
    );

#endif

View code on GitHub

This function is documented in Windows Driver Kit here and here.


Function NtQuerySecurityObject retrieve object's Security Descriptor.

ObjectHandle

HANDLE to any object opened with READ_CONTROL access.

SecurityInformationClass

Can be combination of:

DescriptorBuffer

Result of call - pointer to SECURITY_DESCRIPTOR structure.

DescriptorBufferLength

Size of buffer, in bytes.

RequiredLength

Pointer to value receiving required length of buffer.

Documented by

See also