[Win32utils-devel] Help need to File.set_permissions
Daniel Berger
djberg96 at gmail.com
Sun Dec 16 12:36:28 UTC 2012
Hi,
On Sat, Dec 15, 2012 at 5:39 PM, Heesob Park <phasis at gmail.com> wrote:
> Hi,
>
> 2012/12/16 Daniel Berger <djberg96 at gmail.com>:
>> Hi,
>>
>> In win32-file-security, I'm having some trouble with
>> File.set_permissions. It looks like the AddAce function is failing,
>> though I may have done something wrong before that.
>>
>> Help please. :)
>>
> Here is patches.
>
> ==================================================================
> diff --git a/functions.rb b/functions.rb.new
> index e03de7f..22d1fdc 100644
> --- a/functions.rb
> +++ b/functions.rb.new
> @@ -19,7 +19,7 @@ module Windows
> attach_function :InitializeSecurityDescriptor, [:pointer, :ulong], :bool
> attach_function :LookupAccountNameW, [:buffer_in, :buffer_in,
> :pointer, :pointer, :pointer, :pointer, :pointer], :bool
> attach_function :LookupAccountSidW, [:buffer_in, :pointer,
> :pointer, :pointer, :pointer, :pointer, :pointer], :bool
> - attach_function :SetFileSecurityW, [:buffer_in, :pointer,
> :pointer], :bool
> + attach_function :SetFileSecurityW, [:buffer_in, :ulong, :pointer], :bool
> attach_function :SetSecurityDescriptorDacl, [:pointer, :bool,
> :pointer, :bool], :bool
>
> ffi_lib :kernel32
> ==================================================================
>
> ==================================================================
> diff --git a/constants.rb b/constants.rb.new
> index d90b6da..03f584a 100644
> --- a/constants.rb
> +++ b/constants.rb.new
> @@ -8,6 +8,7 @@ module Windows
> ACL_REVISION2 = 2
> ALLOW_ACE_LENGTH = 62
> OBJECT_INHERIT_ACE = 0x1
> + CONTAINER_INHERIT_ACE = 0x2
> INHERIT_ONLY_ACE = 0x8
> MAXDWORD = 0xFFFFFFFF
> SECURITY_DESCRIPTOR_MIN_LENGTH = 20
> ==================================================================
>
> ==================================================================
> diff --git a/security.rb b/security.rb.new
> index f6f2d9b..9717829 100644
> --- a/security.rb
> +++ b/security.rb.new
> @@ -271,10 +271,9 @@ class File
> raise SystemCallError.new("InitializeSecurityDescriptor", FFI.errno)
> end
>
> - acl = ACL.new
> - acl_new = ACL.new
> + acl_new = FFI::MemoryPointer.new(ACL, 100)
>
> - unless InitializeAcl(acl, acl.size, ACL_REVISION2)
> + unless InitializeAcl(acl_new, acl_new.size, ACL_REVISION2)
> raise SystemCallError.new("InitializeAcl", FFI.errno)
> end
>
> @@ -291,7 +290,7 @@ class File
>
> wide_account = account.wincode
>
> - sid = FFI::MemoryPointer.new(:pointer, 1024)
> + sid = FFI::MemoryPointer.new(:uchar, 1024)
> sid_size = FFI::MemoryPointer.new(:ulong)
> sid_size.write_ulong(sid.size)
>
> @@ -299,7 +298,7 @@ class File
> domain_size = FFI::MemoryPointer.new(:ulong)
> domain_size.write_ulong(domain.size)
>
> - use_ptr = FFI::MemoryPointer.new(:pointer)
> + use_ptr = FFI::MemoryPointer.new(:ulong)
>
> val = LookupAccountNameW(
> wide_server,
> @@ -317,7 +316,7 @@ class File
>
> val = CopySid(
> ALLOW_ACE_LENGTH - ACCESS_ALLOWED_ACE.size,
> - all_ace,
> + all_ace.to_ptr+8,
> sid
> )
>
> @@ -357,7 +356,7 @@ class File
> }
> }
>
> - unless SetSecurityDescriptorDacl(sec_desc, 1, acl_new, 0)
> + unless SetSecurityDescriptorDacl(sec_desc, true, acl_new, false)
> raise SystemCallError.new("SetSecurityDescriptorDacl", FFI.errno)
> end
> ==================================================================
Looks good, go ahead and push please.
Regards,
Dan
More information about the win32utils-devel
mailing list