如何通过C++获取特定用户对文件夹的访问控制权限?
如何通过C++获取特定用户对文件夹的访问控制权限?
提问于 2013-02-13 16:22:40
首先,让我问一下,在Windows-NT上,ACL权限是否会针对每个用户进行更改?我问这个问题的原因是因为accesschk实用程序似乎接受用户名作为参数,同时还需要一个对象进行检查(在我的例子中是文件夹路径)。
在这两种情况下,如何为使用C++的特定Windows用户获取文件夹的ACL权限(this stuff)?我假设我需要调用GetNamedSecurityInfo,但是我如何获得用户帐户的权限呢?
回答 3
Stack Overflow用户
回答已采纳
发布于 2013-02-13 17:23:32
ACL的全部意义在于不同用户之间的差异。它们是访问控制列表;它们控制哪些用户有权访问资源。
你在GetNamedSecurityInfo上是对的。它为您提供了两种ACL,SACL和DACL。SACL处理文件访问审核(很少使用),DACL有权限。您可以分解随GetExplicitEntriesFromAcl返回的DACL。
Stack Overflow用户
发布于 2015-02-19 07:33:07
在这两种情况下,如何为使用C++的特定Windows用户获取文件夹的ACL权限(此内容)?
DACL返回一个指针,您可以使用该指针从中拉取值。
我有一个演示程序,你可以看看,它基本上从一个给定的文件或目录加载DACL信息。指向该页面的链接如下所示。
Sample GetNamedSecurityInfo() call
“我假设我需要调用GetNamedSecurityInfo,但我如何从它获得用户帐户的权限?”
您可以通过调用GetAce()遍历列表,并从每个项目中提取域/用户名。
同样,请参阅我用C++编写的示例代码。
Stack Overflow用户
发布于 2021-05-22 12:47:26
#include <windows.h>
#include <iostream>
#include<fileapi.h>
#include<aclapi.h>
#include <unistd.h>
#include <sys/stat.h>
#include<time.h>
using namespace std;
void printFileProperties(struct stat stats)
{
struct tm dt;
printf("\nFile access: ");
if (stats.st_mode & R_OK)
printf("read ");
if (stats.st_mode & W_OK)
printf("write ");
if (stats.st_mode & X_OK)
printf("execute");
printf("\nFile size: %d Bytes", stats.st_size);
dt = *(gmtime(&stats.st_ctime));
printf("\nCreated on: %d-%d-%d %d:%d:%d", dt.tm_mday, dt.tm_mon, dt.tm_year + 1900,
dt.tm_hour, dt.tm_min, dt.tm_sec);
dt = *(gmtime(&stats.st_mtime));
printf("\nModified on: %d-%d-%d %d:%d:%d", dt.tm_mday, dt.tm_mon, dt.tm_year + 1900,
dt.tm_hour, dt.tm_min, dt.tm_sec);
dt = *(gmtime(&stats.st_atime));
printf("\nAccessed on: %d-%d-%d %d:%d:%d", dt.tm_mday, dt.tm_mon, dt.tm_year + 1900,
dt.tm_hour, dt.tm_min, dt.tm_sec);
}
void printGroupProperties(char filepath[])
{
LPCSTR fname;
fname = filepath;
DWORD dwRtnCode = 0;
PSECURITY_DESCRIPTOR psd = NULL;
PACL pdacl;
ACL_SIZE_INFORMATION aclSize = {0};
PSID sidowner = NULL;
PSID sidgroup = NULL;
HANDLE hFile;
LPTSTR oname = NULL;
LPTSTR doname=NULL;
DWORD namelen=0;
DWORD domainnamelen=0;
SID_NAME_USE peUse;
ACCESS_ALLOWED_ACE* ace;
dwRtnCode = GetNamedSecurityInfo(fname
,SE_FILE_OBJECT
,OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION
,&sidowner
,&sidgroup
,&pdacl
,NULL
,&psd);
LookupAccountSid(NULL, sidowner, oname, (LPDWORD) &namelen, doname, (LPDWORD) &domainnamelen, &peUse);
oname = (LPTSTR)GlobalAlloc(
GMEM_FIXED,
namelen);
doname = (LPTSTR)GlobalAlloc(
GMEM_FIXED,
domainnamelen);
// wcout<<"Owner: " << doname << "/" << oname <<"\n";
LookupAccountSid(NULL, sidgroup, oname, (LPDWORD) &namelen, doname, (LPDWORD)&domainnamelen, &peUse);
wcout<<"\n\nGroup: " << doname << "/" << oname;
wcout<< "\n::ACCESS CONTROL LIST::";
SID *sid;
unsigned long i, mask;
char *stringsid;
for (int i=0; i<(*pdacl).AceCount; i++) {
int c=1;
namelen=0;
domainnamelen=0;
BOOL b = GetAce(pdacl, i, (PVOID*)&ace);
//SID *sid = (SID *) ace->SidStart;
if (((ACCESS_ALLOWED_ACE *) ace)->Header.AceType == ACCESS_ALLOWED_ACE_TYPE) {
sid = (SID *) &((ACCESS_ALLOWED_ACE *) ace)->SidStart;
LookupAccountSid(NULL, sid, oname, (LPDWORD) &namelen, doname, (LPDWORD)&domainnamelen, &peUse);
oname = (LPTSTR)GlobalAlloc(GMEM_FIXED,namelen);
doname = (LPTSTR)GlobalAlloc(GMEM_FIXED,domainnamelen);
LookupAccountSid(NULL, sid, oname, (LPDWORD) &namelen, doname, (LPDWORD)&domainnamelen, &peUse);
wcout<<"\nUser Group "<<i+1<<":"<< doname << "/" << oname;
mask = ((ACCESS_ALLOWED_ACE *) ace)->Mask;
}
else if (((ACCESS_DENIED_ACE *) ace)->Header.AceType == ACCESS_DENIED_ACE_TYPE) {
sid = (SID *) &((ACCESS_DENIED_ACE *) ace)->SidStart;
LookupAccountSid(NULL, sid, oname,(LPDWORD) &namelen, doname, (LPDWORD)&domainnamelen, &peUse);
oname = (LPTSTR)GlobalAlloc(GMEM_FIXED,namelen);
doname = (LPTSTR)GlobalAlloc(GMEM_FIXED,domainnamelen);
LookupAccountSid(NULL, sid, oname, (LPDWORD) &namelen, doname, (LPDWORD)&domainnamelen, &peUse);
wcout<<"\nUser Group "<<i+1<<":"<< doname << "/" << oname;
mask = ((ACCESS_DENIED_ACE *) ace)->Mask;
}
else printf("Other ACE\n");
cout<<"\nPERMISSIONS:\n";
// wcout<<"ACE: mask:" << ace->Mask << " sidStart:" << ace->SidStart << " header type=" << ace->Header.AceType << " header flags=" << ace->Header.AceFlags <<"\n";
if (DELETE & ace->Mask) {
wcout<< " Delete" << "\n";
}
if (FILE_GENERIC_READ & ace->Mask) {
wcout<< " File_Generic_Read" << "\n";
}
if (FILE_GENERIC_WRITE & ace->Mask) {
wcout<< " File_Generic_Write" << "\n";
}
if (FILE_GENERIC_EXECUTE & ace->Mask) {
wcout<< " File_Generic_Execute" << "\n";
}
if (GENERIC_READ & ace->Mask) {
wcout<< " Generic_Read" << "\n";
}
if (GENERIC_WRITE & ace->Mask) {
wcout<< " Generic_Write" << "\n";
}
if (GENERIC_EXECUTE & ace->Mask) {
wcout<< " Generic_Execute" << "\n";
}
if (GENERIC_ALL & ace->Mask) {
wcout<< " Generic_All" << "\n";
}
if (READ_CONTROL & ace->Mask) {
wcout<< " Read_Control" << "\n";
}
if (WRITE_DAC & ace->Mask) {
wcout<< " Write_DAC" << "\n";
}
if (WRITE_OWNER & ace->Mask) {
wcout<< " Write_Owner" << "\n";
}
if (SYNCHRONIZE & ace->Mask) {
wcout<< " Synchronize" << "\n";
}
wcout<<"\n";
}
SECURITY_DESCRIPTOR* p1 = (SECURITY_DESCRIPTOR*)psd;
wcout<< "\n::SECURITY_DESCRIPTOR_CONTROL::" << "\n";
SECURITY_DESCRIPTOR_CONTROL ctrl = (*p1).Control;
if (SE_OWNER_DEFAULTED & ctrl) {
wcout<< " SE_OWNER_DEFAULTED" << "\n";
}
if (SE_DACL_PRESENT & ctrl) {
wcout<< " SE_DACL_PRESENT" << "\n";
}
if (SE_DACL_DEFAULTED & ctrl) {
wcout<< " SE_DACL_DEFAULTED" << "\n";
}
if (SE_SACL_PRESENT & ctrl) {
wcout<< " SE_SACL_PRESENT" << "\n";
}
if (SE_SACL_DEFAULTED & ctrl) {
wcout<< " SE_SACL_DEFAULTED" << "\n";
}
if (SE_DACL_AUTO_INHERIT_REQ & ctrl) {
wcout<< " SE_DACL_AUTO_INHERIT_REQ" << "\n";
}
if (SE_SACL_AUTO_INHERIT_REQ & ctrl) {
wcout<< " SE_SACL_AUTO_INHERIT_REQ" << "\n";
}
if (SE_SACL_AUTO_INHERITED & ctrl) {
wcout<< " SE_SACL_AUTO_INHERITED" << "\n";
}
if (SE_DACL_PROTECTED & ctrl) {
wcout<< " SE_DACL_PROTECTED" << "\n";
}
if (SE_SACL_PROTECTED & ctrl) {
wcout<< " SE_SACL_PROTECTED" << "\n";
}
if (SE_RM_CONTROL_VALID & ctrl) {
wcout<< " SE_RM_CONTROL_VALID" << "\n";
}
if (SE_SELF_RELATIVE & ctrl) {
wcout<< " SE_SELF_RELATIVE" << "\n";
}
// LocalFree(psd);
// LocalFree(sidowner);
// LocalFree(pdacl);
}
void printFileAttributes(char filepath[])
{
long unsigned int FileAttributes;
FileAttributes=GetFileAttributesA(filepath);
printf("\nFile type:");
if (FileAttributes & FILE_ATTRIBUTE_ARCHIVE)
{
printf("Archive ");
}
if (FileAttributes & FILE_ATTRIBUTE_DIRECTORY)
{
printf("Directory ");
}
if (FileAttributes & FILE_ATTRIBUTE_READONLY)
{
printf("Read-Only ");
}
if (FileAttributes & FILE_ATTRIBUTE_HIDDEN)
{
printf("Hidden");
}
}
int main()
{
WIN32_FIND_DATA data;
char dir[100];
cout<<"\nEnter the directory path:";
gets(dir);
char dirname[100];
strcpy(dirname,dir);
strcat(dirname,"\\*");
//cout<<dirname;
HANDLE hFind = FindFirstFile(dirname, &data); // DIRECTORY
struct stat stats;
if ( hFind != INVALID_HANDLE_VALUE ) {
do {
std::cout << "\n\nFile name:"<<data.cFileName;
//cout<<"\nFile Type:";
char filepath[100];
strcpy(filepath,dir);
strcat(filepath,"\\");
strcat(filepath,data.cFileName);
if( stat(filepath, &stats) == 0)
{
printFileProperties(stats);
}
printFileAttributes(filepath);
printGroupProperties(filepath);
} while (FindNextFile(hFind, &data));
FindClose(hFind);
}
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/14849221
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号