Articles   Members Online:
-Article/Tip Search
-News Group Search over 21 Million news group articles.
-Delphi/Pascal
-CBuilder/C++
-C#Builder/C#
-JBuilder/Java
-Kylix
Member Area
-Home
-Account Center
-Top 10 NEW!!
-Submit Article/Tip
-Forums Upgraded!!
-My Articles
-Edit Information
-Login/Logout
-Become a Member
-Why sign up!
-Newsletter
-Chat Online!
-Indexes NEW!!
Employment
-Build your resume
-Find a job
-Post a job
-Resume Search
Contacts
-Contacts
-Feedbacks
-Link to us
-Privacy/Disclaimer
Embarcadero
Visit Embarcadero
Embarcadero Community
JEDI
Links
How to work with file security descriptors Turn on/off line numbers in source code. Switch to Orginial background IDE or DSP color Comment or reply to this aritlce/tip for discussion. Bookmark this article to my favorite article(s). Print this article
05-Jan-03
Category
Files Operation
Language
Delphi 2.x
Views
90
User Rating
No Votes
# Votes
0
Replies
0
Publisher:
DSP, Administrator
Reference URL:
DKB
			Author: Lou Adler

I want to be able to store a file and its security decriptor, then reload it later. 
I have been able to use GetFileSecurity and GetSecurityDescriptorOwner, but I don't 
understand how to translate this information into a transportable format, store it 
in a remote table, then retrieve it and rebuild the correct description?

Answer:

Below is code I have used to convert to a Self Relative SD:

1   { ... }
2   if Assigned(SD) then
3   begin
4     lpdwAbsoluteSecurityDescriptorSize := 0;
5     lpdwDaclSize := 0;
6     lpdwSaclSize := 0;
7     lpdwOwnerSize := 0;
8     lpdwPrimaryGroupSize := 0;
9     MakeAbsoluteSD(SD,
10      AbsoluteSID, lpdwAbsoluteSecurityDescriptorSize,
11      pDacl^, lpdwDaclSize,
12      pSacl^, lpdwSaclSize,
13      pOwner, lpdwOwnerSize,
14      pPrimaryGroup, lpdwPrimaryGroupSize);
15    GetMem(AbsoluteSID, lpdwAbsoluteSecurityDescriptorSize);
16    GetMem(pDacl, lpdwDaclSize);
17    GetMem(pSacl, lpdwSaclSize);
18    GetMem(pOwner, lpdwOwnerSize);
19    GetMem(pPrimaryGroup, lpdwPrimaryGroupSize);
20    try
21      if not MakeAbsoluteSD(SD, AbsoluteSID, lpdwAbsoluteSecurityDescriptorSize,
22        pDacl^, lpdwDaclSize, pSacl^, lpdwSaclSize, pOwner, lpdwOwnerSize,
23        pPrimaryGroup, lpdwPrimaryGroupSize) then
24        raise Exception.create(LastErrorMessage);
25      lpdwBufferLength := 0;
26      MakeSelfRelativeSD(AbsoluteSID, RelativeSID, lpdwBufferLength);
27      GetMem(RelativeSID, lpdwBufferLength);
28      if not MakeSelfRelativeSD(AbsoluteSID, RelativeSID, lpdwBufferLength) then
29        raise Exception.create(LastErrorMessage);
30    finally
31      FreeMem(AbsoluteSID, lpdwAbsoluteSecurityDescriptorSize);
32      FreeMem(pSacl, lpdwSaclSize);
33      FreeMem(pOwner, lpdwOwnerSize);
34      FreeMem(pPrimaryGroup, lpdwPrimaryGroupSize);
35    end;
36  end;
37  { ... }


For Windows 2000 and up: Retrieve only those parts of the security descriptor you need to persist through GetFileSecurity, convert it to a string using ConvertSecurityDescriptorToStringSecurityDescriptor. To restore the decriptor use ConvertStringSecurityDescriptorToSecurityDesciptor and SetFileSecurity.

			
Vote: How useful do you find this Article/Tip?
Bad Excellent
1 2 3 4 5 6 7 8 9 10

 

Advertisement
Share this page
Advertisement
Download from Google

Copyright © Mendozi Enterprises LLC