file() and Win32 security attributes

Roger Upole rupole at hotmail.com
Fri Feb 27 18:25:35 CET 2004


You could avoid rewriting a lot of code by adding a call to
win32security.SetFileSecurity after the file is closed.
Alternately, you can change the default permissions for
new files using win32security.SetTokenInformation to modify
TokenDefaultDacl, but that gets more complicated.  Also, it
doesn't apply if the directory it's created in has an inheritable
DACL.
   hth
      Roger

"Gerson Kurz" <gerson.kurz at t-online.de> wrote in message
news:403e2bfd.9144015 at news.t-online.de...
> Hi all, a quick question: how can I force file() to create files that
> have "ALL ACCESS FOR EVERYONE" security attributes? Other than by a
> major rewrite of my existing code modules replacing the existing
> "native-python" code by win32file / win32security calls?
>
> In case you're wondering what is happening here:
>
> - user A with admin rights logs on to NT and uses python to create a
> file
> - user A logs off
> - user B without admin rights logs on to NT and uses python to access
> said file -> doesn't work, because B has no admin rights and cannot
> access files created by an administrator.
>
> Most feasible solution is AAFE, because a more finegrained ACL is a
> nightmare to maintain :)
>
>





More information about the Python-list mailing list