文件的ACE数量-文件属性的“安全性”选项卡中只有9个成员,但它从ACL返回13 ACE

问题描述 投票:-1回答:1

void main(){

PSID UserSID = NULL;
PSID GroupSID = NULL;
//PSECURITY_DESCRIPTOR *SD = new PSECURITY_DESCRIPTOR;
PSECURITY_DESCRIPTOR SD = (PSECURITY_DESCRIPTOR)GlobalAlloc(GMEM_FIXED, sizeof(PSECURITY_DESCRIPTOR));
PACL pDACL ;
ULONG Count = NULL;
PEXPLICIT_ACCESS_W* pExplicitEntries = new PEXPLICIT_ACCESS_W;


string input, ext = "";
wcout << "Enter the location : " << endl;
std::getline(cin, input);
LPCSTR file = input.c_str();

HANDLE hFile = CreateFileA(file, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL);

if (hFile == INVALID_HANDLE_VALUE)
{
    if (GetLastError() == ERROR_ACCESS_DENIED)
    {
        cout << "Access Denied : System Files" << endl;
        return;
    }
    else if (GetLastError() == ERROR_PATH_NOT_FOUND)
    {
        cout << "Path Name Not Found" << endl;
        return;
    }
    else if (GetLastError() == ERROR_FILE_NOT_FOUND)
    {
        cout << "File Not Found" << endl;
        return;
    }
    else
    {
        cout << GetLastError() << endl;
        return;                                                                                                                                                                                                                                                                     
    }
}
cout << GetLastError() << endl;

if ((GetSecurityInfo(hFile,SE_FILE_OBJECT,DACL_SECURITY_INFORMATION, NULL, NULL, &pDACL, NULL, &SD)) == ERROR_SUCCESS)
{
    cout << "Number of ACE : " << pDACL->AceCount << endl;  
    cout << GetLastError() << endl;
}

for (int i = 0; i < pDACL->AceCount; i++)
{
    PACCESS_ALLOWED_ACE AceItem;
    ACE_HEADER* AceHdr = NULL;
    if (GetAce(pDACL, i, (LPVOID*)&AceItem) && GetAce(pDACL, i, (LPVOID*)&AceHdr))
    {
        TCHAR AccountBuff[80];
        TCHAR DomainBuff[80];
        DWORD AccountBufflength = 40;
        DWORD DomainBufflength = 40;
        PSID_NAME_USE peUse = new SID_NAME_USE;
        PSID Sid = &AceItem->SidStart;

        LookupAccountSidW(NULL, Sid, AccountBuff, &AccountBufflength, DomainBuff, &DomainBufflength,peUse);

        wcout << "\n----- " << AccountBuff << " @ " << DomainBuff << " -----\n" << endl;

        wcout << "AceType : " << AceHdr->AceType << " " << "Ace Flag : " << AceHdr->AceFlags << "\n" << endl;

        DisplayAccessMask(AceItem->Mask);

    }
    else
    {
        cout << GetLastError() << endl;
    }
}

}`

如何在文件属性的安全性选项卡中获取正确数量的ACE?文件属性的“安全性”选项卡中只有9个成员,但是访问控制列表由13个ACE组成。谁能告诉我如何使安全性标签->中列出的用户和他们的文件许可权...

c++ winapi acl
1个回答
0
投票

ACE包含一组访问权限和一个安全标识符(SID)标识允许,拒绝或授予其权利的受托人已审核。

ACE是访问控制项,它与用户和组不是一一对应的。

访问控制列表(ACL)中的每个ACE适用于一个受托人。但是对于一个受托人来说,可能有多个ACE,如下所示,同一个Administrators组具有两个ACE,一个是拒绝类型,另一个是允许类型:

enter image description here

[谁能告诉我如何让用户显示在“安全性”选项卡中->高级及其文件权限...

[GetSecurityInfo确实给了我一致的文件属性->安全->高级权限条目。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.