Huayang Xia wrote: > I'd like to call pythoncom.CoInitializeSecurity with a > PySecurityDescriptor object to set the process-wide security values. > But I'm not able to find a way to let the code go through. > > I have read MSDN and searched web, I've not been able to find answer. I > cooked a security descriptor like this (assume aces is a tuple of tuple > (access, sid) : > > > > sd = win32security.SECURITY_DESCRIPTOR() > sd.Initialize() > sd.SetSecurityDescriptorOwner(sid_owner, False) > sd.SetSecurityDescriptorGroup(sid_group, False) > > > # create DACL > dacl = win32security.ACL() > dacl.Initialize() > for (access, acc_sid) in aces: > # Add ACE which is access and SID > dacl.AddAccessAllowedAce(win32security.ACL_REVISION, access, > isinstance(acc_sid, (unicode, str)) and > win32security.ConvertStringSidToSid(acc_sid) or acc_sid) > > sd.SetDacl(True, dacl, False) # SetSecurityDescriptorDacl > print sd.IsSelfRelative() # result is 1 > > The sd is a self relative one. > >>From MSDN, after calling InitializeSecurityDescriptor, the sd is > absolute sd, and CoInitializeSecurity needs absolute sd. Pythonwin has > not wrapped function like 'MakeAbsoluteSD'. > > Has someone ever had same problem. Could you give a hint for solving > the problem. Thanks. > > Regards
PySECURITY_DESCRIPTOR's are always stored in self-relative format. They should be converted automatically in the few places that require an absolute SD, but looks like this one was missed. Could you file a bug report on SourceForge ? http://sourceforge.net/projects/pywin32/ Roger ----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==---- http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups ----= East and West-Coast Server Farms - Total Privacy via Encryption =---- -- http://mail.python.org/mailman/listinfo/python-list