Reading and Changing Security Descriptors
Now that a security descriptor is associated with a file, the next step is to determine the security of an existing file and, in turn, change it. The following functions get and set file security in terms of security descriptors.
BOOL GetFileSecurity (
    LPCTSTR lpFileName,
    SECURITY_INFORMATION secInfo,
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    DWORD cbSd,
    LPDWORD lpcbLengthNeeded)

BOOL SetFileSecurity (
    LPCTSTR lpFileName,
    SECURITY_INFORMATION secInfo,
    PSECURITY_DESCRIPTOR pSecurityDescriptor)
secInfo is an enumerated type that takes on values such as OWNER_SECURITY_INFORMATION, GROUP_SECURITY_INFORMATION, DACL_SECURITY_INFORMATION, and SACL_SECURITY_INFORMATION to indicate which part of the security descriptor to get or set. These values can be combined with the bit-wise "or" operator; Program 15-4 operates this way.

Needless to say, the correct file permissions are required in order to carry out these operations. For example, it is necessary to have WRITE_DAC permission or to be the object's owner to succeed with SetFileSecurity.

The functions GetSecurityDescriptorOwner and GetSecurityDescriptorGroup extract the owner and group SIDs from the security descriptor obtained with GetFileSecurity. Obtain the ACL with the GetSecurityDescriptorDacl function.
BOOL GetSecurityDescriptorDacl (
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    LPBOOL lpbDaclPresent,
    PACL *pAcl,
    LPBOOL lpbDaclDefaulted)
The parameters are nearly identical to those of SetSecurityDescriptorDacl, except that here the flags are returned, indicating whether a discretionary ACL is actually present and whether it was set as a default or by a user.

To interpret an ACL, it is necessary to find out how many ACEs it contains.
BOOL GetAclInformation (
    PACL pAcl,
    LPVOID pAclInformation,
    DWORD cbAclInfo,
    ACL_INFORMATION_CLASS dwAclInfoClass)
In most cases, the ACL information class, dwAclInfoClass, is AclSizeInformation, and pAclInformation then points to a structure of type ACL_SIZE_INFORMATION. AclRevisionInformation is the other value for the class.

An ACL_SIZE_INFORMATION structure has three members; the most important one is AceCount, which gives the number of entries in the list. To determine whether the ACL is large enough, look at the AclBytesInUse and AclBytesFree members of the ACL_SIZE_INFORMATION structure.

The GetAce function retrieves ACEs by index.
BOOL GetAce (
    PACL pAcl,
    DWORD dwAceIndex,
    LPVOID *pAce)
Obtain the ACEs (the total number is now known) one at a time by index. pAce points to an ACE structure whose Header member, in turn, has an AceType member. The type can be tested for ACCESS_ALLOWED_ACE_TYPE and ACCESS_DENIED_ACE_TYPE, which identify ACCESS_ALLOWED_ACE and ACCESS_DENIED_ACE structures respectively.