[Win32utils-devel] Help need to File.set_permissions

Heesob Park phasis at gmail.com
Sun Dec 16 00:39:56 UTC 2012


Hi,

2012/12/16 Daniel Berger <djberg96 at gmail.com>:
> Hi,
>
> In win32-file-security, I'm having some trouble with
> File.set_permissions. It looks like the AddAce function is failing,
> though I may have done something wrong before that.
>
> Help please. :)
>
Here is patches.

==================================================================
diff --git a/functions.rb b/functions.rb.new
index e03de7f..22d1fdc 100644
--- a/functions.rb
+++ b/functions.rb.new
@@ -19,7 +19,7 @@ module Windows
       attach_function :InitializeSecurityDescriptor, [:pointer, :ulong], :bool
       attach_function :LookupAccountNameW, [:buffer_in, :buffer_in,
:pointer, :pointer, :pointer, :pointer, :pointer], :bool
       attach_function :LookupAccountSidW, [:buffer_in, :pointer,
:pointer, :pointer, :pointer, :pointer, :pointer], :bool
-      attach_function :SetFileSecurityW, [:buffer_in, :pointer,
:pointer], :bool
+      attach_function :SetFileSecurityW, [:buffer_in, :ulong, :pointer], :bool
       attach_function :SetSecurityDescriptorDacl, [:pointer, :bool,
:pointer, :bool], :bool

       ffi_lib :kernel32
==================================================================

==================================================================
diff --git a/constants.rb b/constants.rb.new
index d90b6da..03f584a 100644
--- a/constants.rb
+++ b/constants.rb.new
@@ -8,6 +8,7 @@ module Windows
       ACL_REVISION2             = 2
       ALLOW_ACE_LENGTH          = 62
       OBJECT_INHERIT_ACE        = 0x1
+      CONTAINER_INHERIT_ACE     = 0x2
       INHERIT_ONLY_ACE          = 0x8
       MAXDWORD                  = 0xFFFFFFFF
       SECURITY_DESCRIPTOR_MIN_LENGTH = 20
==================================================================

==================================================================
diff --git a/security.rb b/security.rb.new
index f6f2d9b..9717829 100644
--- a/security.rb
+++ b/security.rb.new
@@ -271,10 +271,9 @@ class File
         raise SystemCallError.new("InitializeSecurityDescriptor", FFI.errno)
       end

-      acl = ACL.new
-      acl_new = ACL.new
+      acl_new = FFI::MemoryPointer.new(ACL, 100)

-      unless InitializeAcl(acl, acl.size, ACL_REVISION2)
+      unless InitializeAcl(acl_new, acl_new.size, ACL_REVISION2)
         raise SystemCallError.new("InitializeAcl", FFI.errno)
       end

@@ -291,7 +290,7 @@ class File

         wide_account = account.wincode

-        sid = FFI::MemoryPointer.new(:pointer, 1024)
+        sid = FFI::MemoryPointer.new(:uchar, 1024)
         sid_size = FFI::MemoryPointer.new(:ulong)
         sid_size.write_ulong(sid.size)

@@ -299,7 +298,7 @@ class File
         domain_size = FFI::MemoryPointer.new(:ulong)
         domain_size.write_ulong(domain.size)

-        use_ptr = FFI::MemoryPointer.new(:pointer)
+        use_ptr = FFI::MemoryPointer.new(:ulong)
 	
         val = LookupAccountNameW(
            wide_server,
@@ -317,7 +316,7 @@ class File

         val = CopySid(
           ALLOW_ACE_LENGTH - ACCESS_ALLOWED_ACE.size,
-          all_ace,
+          all_ace.to_ptr+8,
           sid
         )

@@ -357,7 +356,7 @@ class File
         }
       }

-      unless SetSecurityDescriptorDacl(sec_desc, 1, acl_new, 0)
+      unless SetSecurityDescriptorDacl(sec_desc, true, acl_new, false)
         raise SystemCallError.new("SetSecurityDescriptorDacl", FFI.errno)
       end
==================================================================

Regards,

Park Heesob


More information about the win32utils-devel mailing list