Function

SecAccessCreateFromOwnerAndACL

Creates a new access object using the owner and access control list you provide.

Declaration

OSStatus SecAccessCreateFromOwnerAndACL(const CSSM_ACL_OWNER_PROTOTYPE *owner, uint32 aclCount, const CSSM_ACL_ENTRY_INFO *acls, SecAccessRef  _Nullable *accessRef);

Parameters

owner

A pointer to a CSSM access control list owner.

aclCount

An unsigned 32-bit integer representing the number of items in the access control list.

acls

A pointer to the CSSM access control list.

accessRef

On return, points to the new access object. Call the CFRelease function to release this object when you are finished using it.

Return Value

Discussion

This function creates an access object from CSSM structures. You can use this function to create an access object for use with other Certificate, Key, and Trust API functions if you want to use CSSM to create the access control list. CSSM allows more complex access controls than you can construct with the Certificate, Key, and Trust API. For more information about the CSSM API, see Common Security: CDSA and CSSM, version 2 (with corrigenda) from The Open Group (http://www.opengroup.org/security/cdsa.htm).

Special Considerations

This function is deprecated in macOS 10.7 and later; use SecAccessCreateWithOwnerAndACL instead.

See Also

Legacy Access Control Operations

SecACLCreateFromSimpleContents

Creates a new access control list entry from the application list, description, and prompt selector provided and adds it to an item’s access object.

Deprecated
SecACLCopySimpleContents

Returns the application list, description, and CSSM prompt selector for a given access control list entry.

Deprecated
SecACLSetSimpleContents

Sets the application list, description, and prompt selector for a given access control list entry.

Deprecated
SecACLGetAuthorizations

Retrieves the CSSM authorization tags of a given access control list entry.

Deprecated
SecACLSetAuthorizations

Sets the CSSM authorization tags for a given access control list entry.

Deprecated
SecAccessCopySelectedACLList

Retrieves selected access control lists from a given access object.

Deprecated
SecAccessGetOwnerAndACL

Retrieves the owner and the access control list of a given access object.

Deprecated