win32security
daryl_stultz at my-deja.com
daryl_stultz at my-deja.com
Tue Feb 22 13:26:15 EST 2000
I applied Mark's privilege procedure to the script (and changed a couple
of things) to get this:
*********************
import win32api
from ntsecuritycon import *
from win32security import *
from win32con import *
def AdjustPrivilege(priv, enable = 1):
# Get the process token.
flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
# Get the ID for the system shutdown privilege.
htoken = OpenProcessToken(win32api.GetCurrentProcess(), flags)
id = LookupPrivilegeValue(None, priv)
# Now obtain the privilege for this process.
# Create a list of the privileges to be added.
if enable:
newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
else:
newPrivileges = [(id, 0)]
# and make the adjustment.
AdjustTokenPrivileges(htoken, 0, newPrivileges)
#mainline
print "*" * 20
AdjustPrivilege(SE_SECURITY_NAME)
sid,domain,z = LookupAccountName('\\\\server1','dstultz') #server1 is
our server, dstultz is me
newACL=ACL()
newACL.AddAccessAllowedAce(GENERIC_ALL , sid)
fileSec=GetFileSecurity('e:\\test.txt',DACL_SECURITY_INFORMATION)
#text.txt is (duh) a test file
fileSec.SetDacl(1, newACL, 0)
SetFileSecurity('e:\\test.txt', DACL_SECURITY_INFORMATION, fileSec)
#this fails
*********************
Here is the error:
pywintypes.api_error: (1338, 'SetSecurityDescriptorDacl', 'The security
descriptor structure is invalid.')
I would think that SOMEONE must have a module to do this sort of thing:
Pass a filename and get/set access rights...
Sent via Deja.com http://www.deja.com/
Before you buy.
More information about the Python-list
mailing list