def self.get_security_descriptor_sacl(security_descriptor)
security_descriptor = security_descriptor.pointer if security_descriptor.respond_to?(:pointer)
present = FFI::Buffer.new :bool
defaulted = FFI::Buffer.new :bool
acl = FFI::Buffer.new :pointer
unless GetSecurityDescriptorSacl(security_descriptor, present, acl, defaulted)
Chef::ReservedNames::Win32::Error.raise!
end
acl = acl.read_pointer
[ present.read_char != 0, acl.null? ? nil : ACL.new(acl, security_descriptor), defaulted.read_char != 0 ]
end