Windows C + + modifies user permissions for folder operations

Source: Internet
Author: User
Tags account security

The System files (folders) under General Windows only allow the limited account to read and not write and modify. If you want to turn on write permissions, you will need to manually modify the user account security permissions for the file (folder) (This will of course be performed under the Administrator account). The following program encapsulates the operation:

#include "stdafx.h" #include <stdio.h> #include <stdlib.h> #include <string.h> #include <windows.h > #include <AccCtrl.h> #include <aclapi.h>int enablefileaccountprivilege (pctstr Pszpath, Pctstr Pszaccount) {BOOL bsuccess = TRUE; Explicit_access EA; PACL pnewdacl = NULL; PACL Polddacl = null;do{//Gets the DACL list of the file (clip) securable object if (error_success! = GetNamedSecurityInfo (LPTSTR) Pszpath, Se_file_object , dacl_security_information, NULL, NULL, &AMP;POLDDACL, NULL, NULL)) {bsuccess = False;break;} You cannot use the AddAccessAllowedAce function directly here, because the existing DACL length is fixed and you must recreate a DACL object//To generate access control information for the specified user account (this is specified to give all access rights):: Buildexplicitaccesswithname (&ea, (LPTSTR) Pszaccount, Generic_all, grant_access, Sub_containers_and_objects_ INHERIT);//Create a new ACL object (merging existing ACL objects and user account access control information just generated) if (error_success! =:: SetEntriesInAcl (1, &ea, Polddacl, & Pnewdacl)) {bsuccess = False;break;} Set file (clip) securable object's DACL list if (error_success! =:: SetNamedSecurityInfo ((LPTSTR) Pszpath, Se_file_object, dacl_security_ Information, NULL, NULL, Pnewdacl, NULL)) {bsuccess = FALSE;}} while (FALSE); if (NULL! = Pnewdacl) {:: LocalFree (PNEWDACL);} return bsuccess;} int _tmain (int argc, _tchar* argv[]) {//Get the name of the currently logged on user wchar_t strbuffer[256] ={0};D Word dwsize = 256; GetUserName (strbuffer,&dwsize); const wchar_t Z_wszpath[max_path] = L "H:\\test2"; const wchar_t z_wszaccountname[ MAX_PATH] = L "Users"; if (! Enablefileaccountprivilege (Z_wszpath, z_wszaccountname)) {printf ("Change file account Privilege fail:%s", "H:\\test1" );} int z_flag = GetFileAttributes (L "h:\\test");//if (! ( z_flag&file_attribute_directory))//{//return 0;//}////if (z_flag&file_attribute_readonly)//{//printf (" Wangjian ");//}//setfileattributes (L" H:\\test ", File_attribute_normal); return 0;}

  

Common access rights

The security object uses the Windows access mask format, with four high-level descriptions of common access rights. Each securable object type maps to these bits to a series of standard and object special access rights. Example: A window File object mapping Generic_read bits to Read_control and synchronize standard access and File_read_data, File_read_ea, and File_read_ The Attributes object specifies access rights. Other types of object mappings Generic_read bits to some access rights that are adapted to the type object.
You can use common access permissions to specify the type of access you want when you open an object handle, which is usually simpler than specifying all of the corresponding standards and specific permissions.

The following table shows the constants that are defined for common access permissions.

Constant

Explain

Generic_all

Read, write, and execute access

Generic_execute

Perform

Generic_read

Read

Generic_write

Write

Windows C + + modifies user permissions for folder operations

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.