16,472
社区成员
发帖
与我相关
我的任务
分享如何用程序控制一个文件夹的访问权限?
win2000Server系统,通过程序动态建立新文件夹,然后根据需要自动设置这个新文件夹的访问权限。
现在我遇到的问题就是如何通过程序对文件夹的访问权限进行控制。
ASP、VB、API、COM都可以考虑。
请问各位大仙如何解决?
小弟是VC的门外汉,所以不求各位给源代码,自需要给个API说明之类的冬冬。
现在我遇到的问题就是如何通过程序对文件夹的访问权限进行控制。
ASP、VB、API、COM都可以考虑。
请问各位大仙如何解决?
小弟是VC的门外汉,所以不求各位给源代码,自需要给个API说明之类的冬冬。
...全文
请发表友善的回复…
发表回复
fanfyj 2003-09-23
- 打赏
- 举报
SR_SetFileSecurityRecursive是哪里的函数?msdn里怎么查不到啊??
topmonkey 2003-09-23
- 打赏
- 举报
To:jiangsheng(蒋晟.Net)
请原谅俺的无知吧,俺是真的不懂VC,用VB做DLL倒是会,但是调用哪些API函数呢?
用VC写DLL俺真的不会,周围也没有懂VC的人可问。俺手头上也没有VC环境,仁兄给的VC程序甚至不知道怎么编译。
请原谅俺的无知吧,俺是真的不懂VC,用VB做DLL倒是会,但是调用哪些API函数呢?
用VC写DLL俺真的不会,周围也没有懂VC的人可问。俺手头上也没有VC环境,仁兄给的VC程序甚至不知道怎么编译。
hardstudylulin 2003-09-22
- 打赏
- 举报
学习!Up
蒋晟 2003-09-22
- 打赏
- 举报
faint
做个DLL不就可以了么
做个DLL不就可以了么
topmonkey 2003-09-22
- 打赏
- 举报
To:jiangsheng(蒋晟.Net)
你误会我的意思了,我是说看不懂VC程序,我希望能在VB中调用你的程序,希望能告诉我如何在VB中调用。
你误会我的意思了,我是说看不懂VC程序,我希望能在VB中调用你的程序,希望能告诉我如何在VB中调用。
qiufuwang 2003-09-15
- 打赏
- 举报
up
蒋晟 2003-09-15
- 打赏
- 举报
注释不是写了么
不懂API的话去看MSDN
不懂API的话去看MSDN
topmonkey 2003-09-15
- 打赏
- 举报
To:jiangsheng(蒋晟.Net)
小弟不懂VC,能否给点注释?谢谢!
小弟不懂VC,能否给点注释?谢谢!
蒋晟 2003-09-14
- 打赏
- 举报
А все оказалось очень просто. Вот примерный код:
BOOL My_SetFolderSecurity(WCHAR* szPath)
{
SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
PSID pSidSystem = NULL;
PSID pSidAdmins = NULL;
PSID pSidWorld = NULL;
PACL pDacl = NULL;
EXPLICIT_ACCESS ea[4];
SECURITY_DESCRIPTOR SecDesc;
ULONG lRes = ERROR_SUCCESS;
__try
{
// create SYSTEM SID
if (!AllocateAndInitializeSid(&sia, 1, SECURITY_LOCAL_SYSTEM_RID,
0, 0, 0, 0, 0, 0, 0, &pSidSystem))
{
lRes = GetLastError();
__leave;
}
// create Local Administrators alias SID
if (!AllocateAndInitializeSid(&sia, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0,
0, 0, &pSidAdmins))
{
lRes = GetLastError();
__leave;
}
// create Authenticated users well-known group SID
if (!AllocateAndInitializeSid(&sia, 1, SECURITY_AUTHENTICATED_USER_RID,
0, 0, 0, 0, 0, 0, 0, &pSidWorld))
{
lRes = GetLastError();
__leave;
}
// fill an entry for the SYSTEM account
ea[0].grfAccessMode = GRANT_ACCESS;
ea[0].grfAccessPermissions = FILE_ALL_ACCESS;
ea[0].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[0].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[0].Trustee.pMultipleTrustee = NULL;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName = (LPTSTR)pSidSystem;
// fill an entry entries for the Administrators alias
ea[1].grfAccessMode = GRANT_ACCESS;
ea[1].grfAccessPermissions = FILE_ALL_ACCESS;
ea[1].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[1].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[1].Trustee.pMultipleTrustee = NULL;
ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[1].Trustee.TrusteeType = TRUSTEE_IS_ALIAS;
ea[1].Trustee.ptstrName = (LPTSTR)pSidAdmins;
// fill an entry for the Authenticated users well-known group
ea[2].grfAccessMode = GRANT_ACCESS;
ea[2].grfAccessPermissions = FILE_GENERIC_READ|FILE_GENERIC_WRITE ;
ea[2].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[2].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[2].Trustee.pMultipleTrustee = NULL;
ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[2].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[2].Trustee.ptstrName = (LPTSTR)pSidWorld;
// create a DACL
lRes = SetEntriesInAcl(3, ea, NULL, &pDacl);
if (lRes != ERROR_SUCCESS)
__leave;
// initialize security descriptor
if(!InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION))
__leave ;
if(!SetSecurityDescriptorDacl(&SecDesc, TRUE, pDacl, FALSE))
__leave ;
// assign security descriptor to the key
//lRes = RegSetKeySecurity(hKey, DACL_SECURITY_INFORMATION, &SecDesc);
lRes = SR_SetFileSecurityRecursive(szPath, DACL_SECURITY_INFORMATION, &SecDesc);
//lRes = SetFileSecurity(szPath, DACL_SECURITY_INFORMATION, &SecDesc);
}
__finally
{
if (pSidSystem != NULL)
FreeSid(pSidSystem);
if (pSidAdmins != NULL)
FreeSid(pSidAdmins);
if (pSidWorld != NULL)
FreeSid(pSidWorld);
if (pDacl != NULL)
LocalFree((HLOCAL)pDacl);
}
SetLastError(lRes);
return lRes != ERROR_SUCCESS;
}
Command what is yours
Conquer what is not
BOOL My_SetFolderSecurity(WCHAR* szPath)
{
SID_IDENTIFIER_AUTHORITY sia = SECURITY_NT_AUTHORITY;
PSID pSidSystem = NULL;
PSID pSidAdmins = NULL;
PSID pSidWorld = NULL;
PACL pDacl = NULL;
EXPLICIT_ACCESS ea[4];
SECURITY_DESCRIPTOR SecDesc;
ULONG lRes = ERROR_SUCCESS;
__try
{
// create SYSTEM SID
if (!AllocateAndInitializeSid(&sia, 1, SECURITY_LOCAL_SYSTEM_RID,
0, 0, 0, 0, 0, 0, 0, &pSidSystem))
{
lRes = GetLastError();
__leave;
}
// create Local Administrators alias SID
if (!AllocateAndInitializeSid(&sia, 2, SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0,
0, 0, &pSidAdmins))
{
lRes = GetLastError();
__leave;
}
// create Authenticated users well-known group SID
if (!AllocateAndInitializeSid(&sia, 1, SECURITY_AUTHENTICATED_USER_RID,
0, 0, 0, 0, 0, 0, 0, &pSidWorld))
{
lRes = GetLastError();
__leave;
}
// fill an entry for the SYSTEM account
ea[0].grfAccessMode = GRANT_ACCESS;
ea[0].grfAccessPermissions = FILE_ALL_ACCESS;
ea[0].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[0].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[0].Trustee.pMultipleTrustee = NULL;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName = (LPTSTR)pSidSystem;
// fill an entry entries for the Administrators alias
ea[1].grfAccessMode = GRANT_ACCESS;
ea[1].grfAccessPermissions = FILE_ALL_ACCESS;
ea[1].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[1].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[1].Trustee.pMultipleTrustee = NULL;
ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[1].Trustee.TrusteeType = TRUSTEE_IS_ALIAS;
ea[1].Trustee.ptstrName = (LPTSTR)pSidAdmins;
// fill an entry for the Authenticated users well-known group
ea[2].grfAccessMode = GRANT_ACCESS;
ea[2].grfAccessPermissions = FILE_GENERIC_READ|FILE_GENERIC_WRITE ;
ea[2].grfInheritance = OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE;
ea[2].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[2].Trustee.pMultipleTrustee = NULL;
ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[2].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[2].Trustee.ptstrName = (LPTSTR)pSidWorld;
// create a DACL
lRes = SetEntriesInAcl(3, ea, NULL, &pDacl);
if (lRes != ERROR_SUCCESS)
__leave;
// initialize security descriptor
if(!InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION))
__leave ;
if(!SetSecurityDescriptorDacl(&SecDesc, TRUE, pDacl, FALSE))
__leave ;
// assign security descriptor to the key
//lRes = RegSetKeySecurity(hKey, DACL_SECURITY_INFORMATION, &SecDesc);
lRes = SR_SetFileSecurityRecursive(szPath, DACL_SECURITY_INFORMATION, &SecDesc);
//lRes = SetFileSecurity(szPath, DACL_SECURITY_INFORMATION, &SecDesc);
}
__finally
{
if (pSidSystem != NULL)
FreeSid(pSidSystem);
if (pSidAdmins != NULL)
FreeSid(pSidAdmins);
if (pSidWorld != NULL)
FreeSid(pSidWorld);
if (pDacl != NULL)
LocalFree((HLOCAL)pDacl);
}
SetLastError(lRes);
return lRes != ERROR_SUCCESS;
}
Command what is yours
Conquer what is not
vcforever 2003-09-12
- 打赏
- 举报
应该和这个结构有关LPSECURITY_ATTRIBUTES,在你创建文件的时候
指定一下安全属性应该就可以了!
祝你成功!
指定一下安全属性应该就可以了!
祝你成功!
zzkcn 2003-09-12
- 打赏
- 举报
可以在CreateFiel()中直接设定访问权限,
第四个参数LPSECURITY_ATTRIBUTES lpSecurityAttributes
第四个参数LPSECURITY_ATTRIBUTES lpSecurityAttributes
daphant 2003-09-12
- 打赏
- 举报
好像不太容易,shell编程好像可以获取相关信息,但是不能控制,不知道hook是否可行
yiwan_ny 2003-09-12
- 打赏
- 举报
关注!!
ghostmirror 2003-09-12
- 打赏
- 举报
你找找看 SHChangeNotify 和其他SH开头的api函数
topmonkey 2003-09-12
- 打赏
- 举报
大侠们,帮帮忙呀!自己顶一下。
紫郢剑侠 2003-09-12
- 打赏
- 举报
不懂,up。。。
flinming 2003-09-12
- 打赏
- 举报
不懂,up。。。
hili 2003-09-12
- 打赏
- 举报
关注
