[Win32utils-devel] Need some ACL help for win32-file

Park Heesob phasis at nownuri.net
Wed Mar 22 07:58:19 EST 2006


Hi,
> Well, I've given up trying to figure out the rest of the file
> permissions stuff  (LookupAccountSid, etc).  I'm just not getting it.
> 
Well, Don't give up :)

Here is the LookupAccountSid stuff:

0.upto(ace_count - 1){ |i|
   if @@GetAce.call(dacl_ptr.unpack('L').first, i, ace_ptr) == 0
      next
   end
                 
   ace_buf = 0.chr * 12 # Header:4,Mask:4,SidStart:4 (struct ACCESS_ALLOWD_ACE)
   @@memcpy.call(ace_buf, ace_ptr.unpack('L').first, ace_buf.size)

   if ace_buf.unpack('CCS').first == ACCESS_ALLOWED_ACE_TYPE
     name = 0.chr * 256
     name_len_ptr = [name.size].pack('L')
     domain = 0.chr * 256
     domain_len_ptr = [domain.size].pack('L')
     snu_ptr = 0.chr * 4
   
      val = @@LookupAccountSid.call(
        nil, # local computer
        ace_ptr.unpack('L').first + 8, # address of ace_ptr->SidStart
        name,
        name_len_ptr,
        domain,
        domain_len_ptr,
        snu_ptr   
      )
      if val == 0
         raise ArgumentError, get_last_error
      end

      name = name[0...name_len_ptr.unpack('L').first] 
      domain = domain[0...domain_len_ptr.unpack('L').first]
      mask = ace_buf.unpack('LLL')[1]
      puts "\n\nUser:#{name},Domain:#{domain}" 
      puts "FILE_APPEND_DATA" if (mask & FILE_APPEND_DATA).nonzero?
      puts "FILE_EXECUTE" if (mask & FILE_EXECUTE).nonzero?
      puts "FILE_READ_ATTRIBUTES" if (mask & FILE_READ_ATTRIBUTES).nonzero?
      puts "FILE_READ_DATA" if (mask & FILE_READ_DATA).nonzero?
      puts "FILE_READ_EA" if (mask & FILE_READ_EA).nonzero?
      puts "FILE_WRITE_ATTRIBUTES" if (mask & FILE_WRITE_ATTRIBUTES).nonzero?
      puts "FILE_WRITE_DATA" if (mask & FILE_WRITE_DATA).nonzero?
      puts "FILE_WRITE_EA" if (mask & FILE_WRITE_EA).nonzero?
      puts "DELETE" if (mask & DELETE).nonzero?
      puts "READ_CONTROL" if (mask & READ_CONTROL).nonzero?
      puts "WRITE_DAC" if (mask & WRITE_DAC).nonzero?
      puts "WRITE_OWNER" if (mask & WRITE_OWNER).nonzero?
      puts "SYNCHRONIZE" if (mask & SYNCHRONIZE).nonzero?
      puts "ACCESS_SYSTEM_SECURITY" if (mask & ACCESS_SYSTEM_SECURITY).nonzero?
      puts "MAXIMUM_ALLOWED" if (mask & MAXIMUM_ALLOWED).nonzero?		        
   end

And define LookupAccountSid like this:
   @@LookupAccountSid =
      Win32API.new('advapi32', 'LookupAccountSid', 'PLPPPPP', 'I')

> I've committed what I've done so far (now in the toplevel win32-file
> project in the CVS repo) in file.rb.  Any help appreciated.
> 
> Regards,
> 
> Dan

Regards,

Park Heesob



More information about the win32utils-devel mailing list