[python-win32] Re: Extracting share permissions

Tue, 31 Jan 2006 18:25:36 -0800 

----- Original Message ----- 
From: "Brad Tilley" <[EMAIL PROTECTED]>
To: "Roger Upole" <[EMAIL PROTECTED]>
Cc: <python-win32@python.org>
Sent: Tuesday, January 31, 2006 8:28 PM
Subject: Re: [python-win32] Re: Extracting share permissions


> Quoting Roger Upole <[EMAIL PROTECTED]>:
>
>> [Sorry, somehow I massively screwed up the format the first time]
>>
>> There are a couple of different options for persisting a security
>> descriptor.
>>
>> buffer(security_descriptor)[:] retrieves the raw bytes in binary form.
>> This can be passed to pywintypes.SECURITY_DESCRIPTOR to recreate the
>> PySECURITY_DESCRIPTOR.
>>
>> Also, you can use
>> win32security.ConvertSecurityDescriptorToStringSecurityDescriptor
>> to create a text representation and
>> win32security.ConvertStringSecurityDescriptorToSecurityDescriptor
>> to recreate the PySECURITY_DESCRIPTOR.
>>
>> That reminds me, there's a bug in the routine in win32net that parses 
>> info
>> out of dictionaries.  If you pass in None to indicate a NULL security
>> descriptor,
>> you get an access violation.  I'll get a fix in for that soon.
>>
>>         Roger
>
> Hey guys... thanks for all of the advice. I'm still trying to bang thru 
> this...
> I've read msdn articles until I finally understand why Windows has so many
> problems: it's too darn complex. Anyway, here's where I'm at. Just
> experimenting. Please chip in and help me make sense of this:
>
> import win32net, win32security, pywintypes
>
> shares = win32net.NetShareEnum(None, 502)
> for share in shares[0]:
>    try:
>        sd = share['security_descriptor']
>        print sd.GetLength()
>        print sd.IsValid()
>        print type(sd)
>        text =
> win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd,
> win32security.SDDL_REVISION_1,
>                               win32security.OWNER_SECURITY_INFORMATION)

You'll need to pass OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|
DACL_SECURITY_INFORMATION|SACL_SECURITY_INFORMATION
to make sure you convert all the info in the security descriptor.
Also, you probably ought to check if the returned security descriptor is 
None before
trying to convert it, since shares can have a NULL security descriptor.

>        print text
>        bytes = buffer(sd)
>        print bytes, type(bytes), len(bytes)
>    except Exception, e:
>        print e
>
>

Other than that, looks pretty good.  Either of these approaches should give 
you
something that can be stored to duplicate your current permissions.

         Roger

_______________________________________________
Python-win32 mailing list
Python-win32@python.org
http://mail.python.org/mailman/listinfo/python-win32

Reply via email to