win32security

Mark Hammond mhammond at skippinet.com.au
Tue Feb 22 23:20:30 CET 2000


Check out the documentation for these functions from Microsoft.  Eg, a
search for "GetFileSecurity" will yield some good hits, including:

HOWTO: Add an Access-Allowed ACE to a File (ID: Q102102)
HOWTO: Obtain the Owner of a File on Windows NT (ID: Q218965)

etc.

Mark.

<daryl_stultz at my-deja.com> wrote in message
news:88ukc0$aeq$1 at nnrp1.deja.com...

> I applied Mark's privilege procedure to the script (and changed a
couple
> of things) to get this:
>
> *********************
> import win32api
> from ntsecuritycon import *
> from win32security import *
> from win32con import *
>
> def AdjustPrivilege(priv, enable = 1):
>     # Get the process token.
>     flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
>     # Get the ID for the system shutdown privilege.
>     htoken =  OpenProcessToken(win32api.GetCurrentProcess(), flags)
>     id = LookupPrivilegeValue(None, priv)
>     # Now obtain the privilege for this process.
>     # Create a list of the privileges to be added.
>     if enable:
>         newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
>     else:
>         newPrivileges = [(id, 0)]
>     # and make the adjustment.
>     AdjustTokenPrivileges(htoken, 0, newPrivileges)
>
> #mainline
> print "*" * 20
>
> AdjustPrivilege(SE_SECURITY_NAME)
>
> sid,domain,z = LookupAccountName('\\\\server1','dstultz') #server1
is
> our server, dstultz is me
> newACL=ACL()
> newACL.AddAccessAllowedAce(GENERIC_ALL , sid)
> fileSec=GetFileSecurity('e:\\test.txt',DACL_SECURITY_INFORMATION)
> #text.txt is (duh) a test file
>
> fileSec.SetDacl(1, newACL, 0)
>
> SetFileSecurity('e:\\test.txt', DACL_SECURITY_INFORMATION, fileSec)
> #this fails
>
> *********************
> Here is the error:
>
> pywintypes.api_error: (1338, 'SetSecurityDescriptorDacl', 'The
security
> descriptor structure is invalid.')
>
> I would think that SOMEONE must have a module to do this sort of
thing:
> Pass a filename and get/set access rights...
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.





More information about the Python-list mailing list