file() and Win32 security attributes
Tim Golden
tim.golden at viacom-outdoor.co.uk
Fri Feb 27 03:50:02 EST 2004
GK> how can I force file() to create files that
GK> have "ALL ACCESS FOR EVERYONE" security attributes? Other than by a
GK> major rewrite of my existing code modules replacing the existing
GK> "native-python" code by win32file / win32security calls?
In short, I don't believe you can (other than reworking the necessary
Python module source and rebuilding...). However (and I'm not an NT
security guru by any means) I think you can up permissions so that the
files in a directory inherit the folder's permissions. This won't of
course help you if you want to create files in arbitrary directories.
>In case you're wondering what is happening here:
>
>- user A with admin rights logs on to NT and uses python to create a
>file
>- user A logs off
>- user B without admin rights logs on to NT and uses python to access
>said file -> doesn't work, because B has no admin rights and cannot
>access files created by an administrator.
Strictly, it doesn't matter who the file is created by, but rather
what permissions it acquires during its creation. (The ownership
might matter as a tie-breaker but I'm not sure what happens if an
administrator removes my permissions on a file which I own).
I do have a rough-edged nt_security module (based on the win32all/pywin32
stuff)
which does something to simplify ACL maintenance. If you're interested, let
me
know.
TJG
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________
More information about the Python-list
mailing list