Reading the access attributes of directories in Windows

[Tim Golden]

On 21/08/2010 1:01 PM, vsoler wrote:
> I am using a system in the Spanish language. As you can see in the
> last line, 'Acceso denegado' or 'Access denied' even though the flag
> "ignore_access_errors" is set to True.

Sorry, meant to reply to this point as well. The ignore_access_errors
flag only applies to finding the file's existence in the first place
(it's a flag to the dirs iterator) but you're getting access denied
on the attempt to read security.

If the option to run in an Administrator-enabled windows isn't applicable,
you've got a couple more options open: you could catch that specific
error in a try-except block and do something which made sense in your
context (write it to a log, discard it, whatever). You wouldn't get the
information but it wouldn't stop you proceeding.

As an alternative you could ask for slightly less information from the
security () function. By default it requests Owner and DACL info; if
you only wanted the DACL you can just pass "D" as the options parameter
to the call. Obviously, if it's the request for DACL which is giving
the access error then this won't help.

Another alternative is to enable any privileges in your access token
which aren't enabled by default. The likelihood is that, without
running in Admin mode, the disabled privs won't offer you much. You
can see what privileges you currently have by looking at your process
token:

<code>
from winsys import security

security.token ().dump ()

</code>

Look for the set of privileges: an asterisk (*) means the priv
is enabled by default; a plus (+) means it has been enabled;
a minus (-) means it has not been enabled. If you had backup
privilege enabled you would be able to read the security of
any filesystem object even if you had no rights to it.

TJG