egregio at gmail.com
Thu Jul 24 12:34:46 CEST 2008
+ I use os.path.isfile ("D:/test/local/file.txt") and return False. And
+ If I try to read a file return a error...
+ The user can't read or write files when I impersonated. But if I login
interactive, or execute as, with this user ("testUser") I can read and write
+ With other user don't work. But If impersonated user is equal "main user"
After impersonated, If I execute win32api.GetUserName() returns "testUser"
After impersonated, if I try execute os.system ("dir") returns -1
I can impersonate another user and write a file to an arbitrary point on my
filesystem in other computer. This computer (where impersonated works) is
out of windows domain.
Thanks a lot again
2008/7/24 Tim Golden <mail at timgolden.me.uk>:
> _ _ wrote:
>> 1) D: is a local drive
>> 2) "testUser" actually have security access. If I execute Notepad as
>> "testUser", I can create this file in this folder.
>> 3) I check that the folder exists.
> Well, can you do some other tests such as:
> + Use os.access or os.exists to determine whether the
> new user can see *anything* on the D: drive
> + Can the new user "read" an existing file from that
> + Can the new user write files in any *other* folder?
> + Can a *different* impersonated user create files?
> This isn't a general problem: I can impersonate another
> user and write a file to an arbitrary point on my
> filesystem. You're going to have to narrow it down
> to something which is particular about this case.
> python-win32 mailing list
> python-win32 at python.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the python-win32