ReactOS  0.4.12-dev-36-g472787f
cacls.c
Go to the documentation of this file.
1 /*
2  * ReactOS Control ACLs Program
3  * Copyright (C) 2006 Thomas Weidenmueller
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18  */
19 
20 #include "precomp.h"
21 
22 /* command line options */
23 BOOL OptionT = FALSE, OptionE = FALSE, OptionC = FALSE;
24 BOOL OptionG = FALSE, OptionR = FALSE, OptionP = FALSE, OptionD = FALSE;
25 LPCTSTR GUser, GPerm, RUser, PUser, PPerm, DUser;
26 
27 static GENERIC_MAPPING FileGenericMapping =
28 {
29  FILE_GENERIC_READ,
30  FILE_GENERIC_WRITE,
31  FILE_GENERIC_EXECUTE,
32  FILE_ALL_ACCESS
33 };
34 
35 
36 static VOID
37 PrintError(DWORD dwError)
38 {
39  if (dwError == ERROR_SUCCESS)
40  return;
41 
42  ConMsgPuts(StdErr, FORMAT_MESSAGE_FROM_SYSTEM,
43  NULL, dwError, LANG_USER_DEFAULT);
44 }
45 
46 static BOOL
47 PrintFileDacl(IN LPTSTR FilePath,
48  IN LPTSTR FileName)
49 {
50  SIZE_T Length;
51  PSECURITY_DESCRIPTOR SecurityDescriptor;
52  DWORD SDSize = 0;
53  TCHAR FullFileName[MAX_PATH + 1];
54  BOOL Error = FALSE, Ret = FALSE;
55 
56  Length = _tcslen(FilePath) + _tcslen(FileName);
57  if (Length > MAX_PATH)
58  {
59  /* file name too long */
60  SetLastError(ERROR_FILE_NOT_FOUND);
61  return FALSE;
62  }
63 
64  _tcscpy(FullFileName, FilePath);
65  _tcscat(FullFileName, FileName);
66 
67  /* find out how much memory we need */
68  if (!GetFileSecurity(FullFileName,
69  DACL_SECURITY_INFORMATION,
70  NULL,
71  0,
72  &SDSize) &&
73  GetLastError() != ERROR_INSUFFICIENT_BUFFER)
74  {
75  return FALSE;
76  }
77 
78  SecurityDescriptor = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(),
79  0,
80  SDSize);
81  if (SecurityDescriptor != NULL)
82  {
83  if (GetFileSecurity(FullFileName,
84  DACL_SECURITY_INFORMATION,
85  SecurityDescriptor,
86  SDSize,
87  &SDSize))
88  {
89  PACL Dacl;
90  BOOL DaclPresent;
91  BOOL DaclDefaulted;
92 
93  if (GetSecurityDescriptorDacl(SecurityDescriptor,
94  &DaclPresent,
95  &Dacl,
96  &DaclDefaulted))
97  {
98  if (DaclPresent)
99  {
100  PACCESS_ALLOWED_ACE Ace;
101  DWORD AceIndex = 0;
102 
103  /* dump the ACL */
104  while (GetAce(Dacl,
105  AceIndex,
106  (PVOID*)&Ace))
107  {
108  SID_NAME_USE Use;
109  DWORD NameSize = 0;
110  DWORD DomainSize = 0;
111  LPTSTR Name = NULL;
112  LPTSTR Domain = NULL;
113  LPTSTR SidString = NULL;
114  DWORD IndentAccess;
115  DWORD AccessMask = Ace->Mask;
116  PSID Sid = (PSID)&Ace->SidStart;
117 
118  /* attempt to translate the SID into a readable string */
119  if (!LookupAccountSid(NULL,
120  Sid,
121  Name,
122  &NameSize,
123  Domain,
124  &DomainSize,
125  &Use))
126  {
127  if (GetLastError() == ERROR_NONE_MAPPED || NameSize == 0)
128  {
129  goto BuildSidString;
130  }
131  else
132  {
133  if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
134  {
135  Error = TRUE;
136  break;
137  }
138 
139  Name = (LPTSTR)HeapAlloc(GetProcessHeap(),
140  0,
141  (NameSize + DomainSize) * sizeof(TCHAR));
142  if (Name == NULL)
143  {
144  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
145  Error = TRUE;
146  break;
147  }
148 
149  Domain = Name + NameSize;
150  Name[0] = _T('\0');
151  if (DomainSize != 0)
152  Domain[0] = _T('\0');
153  if (!LookupAccountSid(NULL,
154  Sid,
155  Name,
156  &NameSize,
157  Domain,
158  &DomainSize,
159  &Use))
160  {
161  HeapFree(GetProcessHeap(),
162  0,
163  Name);
164  Name = NULL;
165  goto BuildSidString;
166  }
167  }
168  }
169  else
170  {
171 BuildSidString:
172  if (!ConvertSidToStringSid(Sid,
173  &SidString))
174  {
175  Error = TRUE;
176  break;
177  }
178  }
179 
180  /* print the file name or space */
181  ConPrintf(StdOut, L"%s ", FullFileName);
182 
183  /* attempt to map the SID to a user name */
184  if (AceIndex == 0)
185  {
186  DWORD i = 0;
187 
188  /* overwrite the full file name with spaces so we
189  only print the file name once */
190  while (FullFileName[i] != _T('\0'))
191  FullFileName[i++] = _T(' ');
192  }
193 
194  /* print the domain and/or user if possible, or the SID string */
195  if (Name != NULL && Domain[0] != _T('\0'))
196  {
197  ConPrintf(StdOut, L"%s\\%s:", Domain, Name);
198  IndentAccess = (DWORD)_tcslen(Domain) + _tcslen(Name);
199  }
200  else
201  {
202  LPTSTR DisplayString = (Name != NULL ? Name : SidString);
203 
204  ConPrintf(StdOut, L"%s:", DisplayString);
205  IndentAccess = (DWORD)_tcslen(DisplayString);
206  }
207 
208  /* print the ACE Flags */
209  if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE)
210  {
211  IndentAccess += ConResPuts(StdOut, IDS_ABBR_CI);
212  }
213  if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE)
214  {
215  IndentAccess += ConResPuts(StdOut, IDS_ABBR_OI);
216  }
217  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
218  {
219  IndentAccess += ConResPuts(StdOut, IDS_ABBR_IO);
220  }
221 
222  IndentAccess += 2;
223 
224  /* print the access rights */
225  MapGenericMask(&AccessMask,
226  &FileGenericMapping);
227  if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
228  {
229  if (AccessMask == FILE_ALL_ACCESS)
230  {
231  ConResPuts(StdOut, IDS_ABBR_NONE);
232  }
233  else
234  {
235  ConResPuts(StdOut, IDS_DENY);
236  goto PrintSpecialAccess;
237  }
238  }
239  else
240  {
241  if (AccessMask == FILE_ALL_ACCESS)
242  {
243  ConResPuts(StdOut, IDS_ABBR_FULL);
244  }
245  else if (!(Ace->Mask & (GENERIC_READ | GENERIC_EXECUTE)) &&
246  AccessMask == (FILE_GENERIC_READ | FILE_EXECUTE))
247  {
248  ConResPuts(StdOut, IDS_ABBR_READ);
249  }
250  else if (AccessMask == (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_EXECUTE | DELETE))
251  {
252  ConResPuts(StdOut, IDS_ABBR_CHANGE);
253  }
254  else if (AccessMask == FILE_GENERIC_WRITE)
255  {
256  ConResPuts(StdOut, IDS_ABBR_WRITE);
257  }
258  else
259  {
260  DWORD x, x2;
261  static const struct
262  {
263  DWORD Access;
264  UINT uID;
265  }
266  AccessRights[] =
267  {
268  {FILE_WRITE_ATTRIBUTES, IDS_FILE_WRITE_ATTRIBUTES},
269  {FILE_READ_ATTRIBUTES, IDS_FILE_READ_ATTRIBUTES},
270  {FILE_DELETE_CHILD, IDS_FILE_DELETE_CHILD},
271  {FILE_EXECUTE, IDS_FILE_EXECUTE},
272  {FILE_WRITE_EA, IDS_FILE_WRITE_EA},
273  {FILE_READ_EA, IDS_FILE_READ_EA},
274  {FILE_APPEND_DATA, IDS_FILE_APPEND_DATA},
275  {FILE_WRITE_DATA, IDS_FILE_WRITE_DATA},
276  {FILE_READ_DATA, IDS_FILE_READ_DATA},
277  {FILE_GENERIC_EXECUTE, IDS_FILE_GENERIC_EXECUTE},
278  {FILE_GENERIC_WRITE, IDS_FILE_GENERIC_WRITE},
279  {FILE_GENERIC_READ, IDS_FILE_GENERIC_READ},
280  {GENERIC_ALL, IDS_GENERIC_ALL},
281  {GENERIC_EXECUTE, IDS_GENERIC_EXECUTE},
282  {GENERIC_WRITE, IDS_GENERIC_WRITE},
283  {GENERIC_READ, IDS_GENERIC_READ},
284  {MAXIMUM_ALLOWED, IDS_MAXIMUM_ALLOWED},
285  {ACCESS_SYSTEM_SECURITY, IDS_ACCESS_SYSTEM_SECURITY},
286  {SPECIFIC_RIGHTS_ALL, IDS_SPECIFIC_RIGHTS_ALL},
287  {STANDARD_RIGHTS_REQUIRED, IDS_STANDARD_RIGHTS_REQUIRED},
288  {SYNCHRONIZE, IDS_SYNCHRONIZE},
289  {WRITE_OWNER, IDS_WRITE_OWNER},
290  {WRITE_DAC, IDS_WRITE_DAC},
291  {READ_CONTROL, IDS_READ_CONTROL},
292  {DELETE, IDS_DELETE},
293  {STANDARD_RIGHTS_ALL, IDS_STANDARD_RIGHTS_ALL},
294  };
295 
296  ConResPuts(StdOut, IDS_ALLOW);
297 
298 PrintSpecialAccess:
299  ConResPuts(StdOut, IDS_SPECIAL_ACCESS);
300 
301  /* print the special access rights */
302  x = ARRAYSIZE(AccessRights);
303  while (x-- != 0)
304  {
305  if ((Ace->Mask & AccessRights[x].Access) == AccessRights[x].Access)
306  {
307  ConPrintf(StdOut, L"\n%s ", FullFileName);
308  for (x2 = 0; x2 < IndentAccess; x2++)
309  {
310  ConPuts(StdOut, L" ");
311  }
312 
313  ConResPuts(StdOut, AccessRights[x].uID);
314  }
315  }
316 
317  ConPuts(StdOut, L"\n");
318  }
319  }
320 
321  ConPuts(StdOut, L"\n");
322 
323  /* free up all resources */
324  if (Name != NULL)
325  {
326  HeapFree(GetProcessHeap(),
327  0,
328  Name);
329  }
330 
331  if (SidString != NULL)
332  {
333  LocalFree((HLOCAL)SidString);
334  }
335 
336  AceIndex++;
337  }
338 
339  if (!Error)
340  Ret = TRUE;
341  }
342  else
343  {
344  SetLastError(ERROR_NO_SECURITY_ON_OBJECT);
345  }
346  }
347  }
348 
349  HeapFree(GetProcessHeap(),
350  0,
351  SecurityDescriptor);
352  }
353  else
354  {
355  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
356  }
357 
358  return Ret;
359 }
360 
361 /* add a backslash at end to a path string if necessary */
362 static VOID
363 AddBackslash(LPTSTR FilePath)
364 {
365  INT len = lstrlen(FilePath);
366  LPTSTR pch = CharPrev(FilePath, FilePath + len);
367  if (*pch != _T('\\'))
368  lstrcat(pch, _T("\\"));
369 }
370 
371 static BOOL
372 GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
373 {
374  TCHAR FullPath[MAX_PATH];
375  LPTSTR pch;
376  DWORD attrs;
377 
378  lstrcpyn(FilePath, pszFiles, MAX_PATH);
379  pch = _tcsrchr(FilePath, _T('\\'));
380  if (pch != NULL)
381  {
382  *pch = 0;
383  if (!GetFullPathName(FilePath, MAX_PATH, FullPath, NULL))
384  {
385  PrintError(GetLastError());
386  return FALSE;
387  }
388  lstrcpyn(FilePath, FullPath, MAX_PATH);
389 
390  attrs = GetFileAttributes(FilePath);
391  if (attrs == 0xFFFFFFFF || !(attrs & FILE_ATTRIBUTE_DIRECTORY))
392  {
393  PrintError(ERROR_DIRECTORY);
394  return FALSE;
395  }
396  }
397  else
398  GetCurrentDirectory(MAX_PATH, FilePath);
399 
400  AddBackslash(FilePath);
401  return TRUE;
402 }
403 
404 static BOOL
405 PrintDaclsOfFiles(LPCTSTR pszFiles)
406 {
407  TCHAR FilePath[MAX_PATH];
408  WIN32_FIND_DATA FindData;
409  HANDLE hFind;
410  DWORD LastError;
411 
412  /*
413  * get the file path
414  */
415  if (!GetPathOfFile(FilePath, pszFiles))
416  return FALSE;
417 
418  /*
419  * search for the files
420  */
421  hFind = FindFirstFile(pszFiles, &FindData);
422  if (hFind == INVALID_HANDLE_VALUE)
423  return FALSE;
424 
425  do
426  {
427  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
428  continue;
429 
430  if (!PrintFileDacl(FilePath, FindData.cFileName))
431  {
432  LastError = GetLastError();
433  if (LastError == ERROR_ACCESS_DENIED)
434  {
435  PrintError(LastError);
436  if (!OptionC)
437  {
438  FindClose(hFind);
439  return FALSE;
440  }
441  }
442  else
443  {
444  break;
445  }
446  }
447  else
448  {
449  ConPuts(StdOut, L"\n");
450  }
451  } while(FindNextFile(hFind, &FindData));
452  LastError = GetLastError();
453  FindClose(hFind);
454 
455  if (LastError != ERROR_NO_MORE_FILES)
456  {
457  PrintError(LastError);
458  return FALSE;
459  }
460 
461  return TRUE;
462 }
463 
464 static BOOL
465 GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
466 {
467  /* TODO & FIXME */
468  switch(Perm)
469  {
470  case _T('R'): // Read
471  break;
472  case _T('W'): // Write
473  break;
474  case _T('C'): // Change (write)
475  break;
476  case _T('F'): // Full control
477  break;
478  default:
479  break;
480  }
481  return FALSE;
482 }
483 
484 static BOOL
485 ReplaceUserAccessRights(
486  LPCTSTR FilePath,
487  LPCTSTR File,
488  LPCTSTR User,
489  TCHAR Perm)
490 {
491  /* TODO & FIXME */
492  switch(Perm)
493  {
494  case _T('N'): // None
495  break;
496  case _T('R'): // Read
497  break;
498  case _T('W'): // Write
499  break;
500  case _T('C'): // Change (write)
501  break;
502  case _T('F'): // Full control
503  break;
504  default:
505  break;
506  }
507  return FALSE;
508 }
509 
510 static BOOL
511 EditUserAccessRights(
512  LPCTSTR FilePath,
513  LPCTSTR File,
514  LPCTSTR User,
515  TCHAR Perm)
516 {
517  /* TODO & FIXME */
518  switch(Perm)
519  {
520  case _T('N'): // None
521  break;
522  case _T('R'): // Read
523  break;
524  case _T('W'): // Write
525  break;
526  case _T('C'): // Change (write)
527  break;
528  case _T('F'): // Full control
529  break;
530  default:
531  break;
532  }
533  return FALSE;
534 }
535 
536 static BOOL
537 DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
538 {
539  /* TODO & FIXME */
540  return FALSE;
541 }
542 
543 static BOOL
544 RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
545 {
546  /* TODO & FIXME */
547  return FALSE;
548 }
549 
550 static BOOL
551 ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
552 {
553  if (OptionG)
554  {
555  /* Grant specified user access rights. */
556  GrantUserAccessRights(FilePath, File, GUser, *GPerm);
557  }
558 
559  if (OptionP)
560  {
561  if (!OptionE)
562  {
563  /* Replace specified user's access rights. */
564  ReplaceUserAccessRights(FilePath, File, PUser, *PPerm);
565  }
566  else
567  {
568  /* Edit ACL instead of replacing it. */
569  EditUserAccessRights(FilePath, File, PUser, *PPerm);
570  }
571  }
572 
573  if (OptionD)
574  {
575  /* Deny specified user access. */
576  DenyUserAccess(FilePath, File, DUser);
577  }
578 
579  if (OptionR)
580  {
581  /* Revoke specified user's access rights. */
582  RevokeUserAccessRights(FilePath, File, RUser);
583  }
584 
585  return TRUE;
586 }
587 
588 static BOOL
589 ChangeACLsOfFiles(LPCTSTR pszFiles)
590 {
591  TCHAR FilePath[MAX_PATH];
592  HANDLE hFind;
593  WIN32_FIND_DATA FindData;
594  DWORD LastError;
595 
596  /*
597  * get the file path
598  */
599  if (!GetPathOfFile(FilePath, pszFiles))
600  return FALSE;
601 
602  /*
603  * search for files in current directory
604  */
605  hFind = FindFirstFile(pszFiles, &FindData);
606  if (hFind == INVALID_HANDLE_VALUE)
607  return FALSE;
608 
609  do
610  {
611  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
612  continue;
613 
614  if (!ChangeFileACL(FilePath, FindData.cFileName))
615  {
616  LastError = GetLastError();
617  if (LastError == ERROR_ACCESS_DENIED)
618  {
619  PrintError(LastError);
620  if (!OptionC)
621  {
622  FindClose(hFind);
623  return FALSE;
624  }
625  }
626  else
627  break;
628  }
629  } while(FindNextFile(hFind, &FindData));
630 
631  LastError = GetLastError();
632  FindClose(hFind);
633 
634  if (LastError != ERROR_NO_MORE_FILES)
635  {
636  PrintError(LastError);
637  return FALSE;
638  }
639 
640  return TRUE;
641 }
642 
643 static BOOL
644 ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
645 {
646  HANDLE hFind;
647  WIN32_FIND_DATA FindData;
648  TCHAR szCurDir[MAX_PATH];
649  DWORD LastError;
650 
651  /*
652  * get the file path (current directory)
653  */
654  GetCurrentDirectory(MAX_PATH, szCurDir);
655  AddBackslash(szCurDir);
656 
657  /*
658  * search for files in current directory
659  */
660  hFind = FindFirstFile(pszFiles, &FindData);
661  if (hFind == INVALID_HANDLE_VALUE)
662  return FALSE;
663 
664  do
665  {
666  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
667  continue;
668 
669  if (!ChangeFileACL(szCurDir, FindData.cFileName))
670  {
671  LastError = GetLastError();
672  if (LastError == ERROR_ACCESS_DENIED)
673  {
674  PrintError(LastError);
675  if (!OptionC)
676  {
677  FindClose(hFind);
678  return FALSE;
679  }
680  }
681  else
682  break;
683  }
684  } while(FindNextFile(hFind, &FindData));
685 
686  LastError = GetLastError();
687  FindClose(hFind);
688 
689  if (LastError != ERROR_NO_MORE_FILES)
690  {
691  PrintError(LastError);
692  return FALSE;
693  }
694 
695  /*
696  * search for subdirectory in current directory
697  */
698  hFind = FindFirstFile(_T("*"), &FindData);
699  if (hFind == INVALID_HANDLE_VALUE)
700  return FALSE;
701  do
702  {
703  if (_tcscmp(FindData.cFileName, _T(".")) == 0 ||
704  _tcscmp(FindData.cFileName, _T("..")) == 0)
705  continue;
706 
707  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
708  {
709  GetCurrentDirectory(MAX_PATH, szCurDir);
710  if (SetCurrentDirectory(FindData.cFileName))
711  {
712  ChangeACLsOfFilesInCurDir(pszFiles);
713  SetCurrentDirectory(szCurDir);
714  }
715  else
716  {
717  LastError = GetLastError();
718  if (LastError == ERROR_ACCESS_DENIED)
719  {
720  PrintError(LastError);
721  if (!OptionC)
722  {
723  FindClose(hFind);
724  return FALSE;
725  }
726  }
727  else
728  break;
729  }
730  }
731  } while(FindNextFile(hFind, &FindData));
732  LastError = GetLastError();
733  FindClose(hFind);
734 
735  if (LastError != ERROR_NO_MORE_FILES)
736  {
737  PrintError(LastError);
738  return FALSE;
739  }
740  return TRUE;
741 }
742 
743 int _tmain(int argc, const TCHAR *argv[])
744 {
745  INT i;
746  LPTSTR pch;
747  BOOL InvalidParameter = FALSE;
748 
749  /* Initialize the Console Standard Streams */
750  ConInitStdStreams();
751 
752  if (argc <= 1)
753  {
754  ConResPuts(StdOut, IDS_HELP);
755  return 0;
756  }
757 
758  // FIXME: Convert to proper parsing, with support for /?
759 
760  /*
761  * parse command line options
762  */
763  for (i = 2; i < argc; i++)
764  {
765  if (lstrcmpi(argv[i], _T("/T")) == 0)
766  {
767  OptionT = TRUE;
768  }
769  else if (lstrcmpi(argv[i], _T("/E")) == 0)
770  {
771  OptionE = TRUE;
772  }
773  else if (lstrcmpi(argv[i], _T("/C")) == 0)
774  {
775  OptionC = TRUE;
776  }
777  else if (lstrcmpi(argv[i], _T("/G")) == 0)
778  {
779  if (i + 1 < argc)
780  {
781  pch = _tcschr(argv[++i], _T(':'));
782  if (pch != NULL)
783  {
784  OptionG = TRUE;
785  *pch = 0;
786  GUser = argv[i];
787  GPerm = pch + 1;
788  continue;
789  }
790  }
791  InvalidParameter = TRUE;
792  break;
793  }
794  else if (lstrcmpi(argv[i], _T("/R")) == 0)
795  {
796  if (i + 1 < argc)
797  {
798  RUser = argv[++i];
799  OptionR = TRUE;
800  continue;
801  }
802  InvalidParameter = TRUE;
803  break;
804  }
805  else if (lstrcmpi(argv[i], _T("/P")) == 0)
806  {
807  if (i + 1 < argc)
808  {
809  pch = _tcschr(argv[++i], _T(':'));
810  if (pch != NULL)
811  {
812  OptionP = TRUE;
813  *pch = 0;
814  PUser = argv[i];
815  PPerm = pch + 1;
816  continue;
817  }
818  }
819  InvalidParameter = TRUE;
820  break;
821  }
822  else if (lstrcmpi(argv[i], _T("/D")) == 0)
823  {
824  if (i + 1 < argc)
825  {
826  OptionD = TRUE;
827  DUser = argv[++i];
828  continue;
829  }
830  InvalidParameter = TRUE;
831  break;
832  }
833  else
834  {
835  InvalidParameter = TRUE;
836  break;
837  }
838  }
839 
840  if (InvalidParameter)
841  {
842  PrintError(ERROR_INVALID_PARAMETER);
843  ConResPuts(StdOut, IDS_HELP);
844  return 1;
845  }
846 
847  /* /R is only valid with /E */
848  if (OptionR && !OptionE)
849  {
850  OptionR = FALSE;
851  }
852 
853  PrintDaclsOfFiles(argv[1]);
854 
855  if (OptionT)
856  {
857  ChangeACLsOfFilesInCurDir(argv[1]);
858  }
859  else
860  {
861  ChangeACLsOfFiles(argv[1]);
862  }
863 
864  return 0;
865 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:91
FILE_GENERIC_READ
#define FILE_GENERIC_READ
Definition: nt_native.h:653
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
MapGenericMask
VOID WINAPI MapGenericMask(PDWORD, PGENERIC_MAPPING)
PSECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: security.c:97
argc
static int argc
Definition: ServiceArgs.c:12
FILE_WRITE_EA
#define FILE_WRITE_EA
Definition: nt_native.h:640
IN
#define IN
Definition: typedefs.h:38
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
TRUE
#define TRUE
Definition: types.h:120
LPCTSTR
const CHAR * LPCTSTR
Definition: xmlstorage.h:193
IDS_FILE_WRITE_EA
#define IDS_FILE_WRITE_EA
Definition: resource.h:27
IDS_FILE_GENERIC_WRITE
#define IDS_FILE_GENERIC_WRITE
Definition: resource.h:22
lstrcmpi
#define lstrcmpi
Definition: winbase.h:3687
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
DaclDefaulted
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1595
_SID
Definition: ms-dtyp.idl:198
FILE_ALL_ACCESS
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
GrantUserAccessRights
static BOOL GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:465
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
IDS_WRITE_OWNER
#define IDS_WRITE_OWNER
Definition: resource.h:37
_tcscmp
int _tcscmp(const _TCHAR *s1, const _TCHAR *s2)
Definition: tcscmp.h:8
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
DWORD
#define DWORD
Definition: msvc.h:34
IDS_GENERIC_READ
#define IDS_GENERIC_READ
Definition: resource.h:16
ERROR_NONE_MAPPED
#define ERROR_NONE_MAPPED
Definition: winerror.h:814
IDS_GENERIC_ALL
#define IDS_GENERIC_ALL
Definition: resource.h:19
IDS_ABBR_IO
#define IDS_ABBR_IO
Definition: resource.h:6
PrintError
static VOID PrintError(DWORD dwError)
Definition: cacls.c:37
IDS_ABBR_NONE
#define IDS_ABBR_NONE
Definition: resource.h:11
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
CharPrev
#define CharPrev
Definition: winuser.h:5607
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:391
_tcscpy
_TCHAR * _tcscpy(_TCHAR *to, const _TCHAR *from)
Definition: tcscpy.h:8
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
PrintDaclsOfFiles
static BOOL PrintDaclsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:405
PPerm
LPCTSTR PPerm
Definition: cacls.c:25
IDS_WRITE_DAC
#define IDS_WRITE_DAC
Definition: resource.h:38
ChangeACLsOfFilesInCurDir
static BOOL ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
Definition: cacls.c:644
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
RUser
LPCTSTR RUser
Definition: cacls.c:25
IDS_FILE_READ_EA
#define IDS_FILE_READ_EA
Definition: resource.h:26
FILE_APPEND_DATA
#define FILE_APPEND_DATA
Definition: nt_native.h:634
ERROR_DIRECTORY
#define ERROR_DIRECTORY
Definition: winerror.h:295
OptionE
BOOL OptionE
Definition: cacls.c:23
INT
int32_t INT
Definition: typedefs.h:56
_tmain
int _tmain(int argc, const TCHAR *argv[])
Definition: cacls.c:743
argv
static char ** argv
Definition: ServiceArgs.c:11
IDS_FILE_WRITE_ATTRIBUTES
#define IDS_FILE_WRITE_ATTRIBUTES
Definition: resource.h:31
FILE_WRITE_ATTRIBUTES
#define FILE_WRITE_ATTRIBUTES
Definition: nt_native.h:649
LPTSTR
CHAR * LPTSTR
Definition: xmlstorage.h:192
DaclPresent
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1595
PrintFileDacl
static BOOL PrintFileDacl(IN LPTSTR FilePath, IN LPTSTR FileName)
Definition: cacls.c:47
FilePath
PCWSTR FilePath
Definition: PrivateExtractIcons.c:12
LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3681
IDS_FILE_READ_DATA
#define IDS_FILE_READ_DATA
Definition: resource.h:23
i
GLenum GLclampf GLint i
Definition: glfuncs.h:14
FILE_DELETE_CHILD
#define FILE_DELETE_CHILD
Definition: nt_native.h:645
ConInitStdStreams
#define ConInitStdStreams()
Definition: stream.h:122
ERROR_ACCESS_DENIED
#define ERROR_ACCESS_DENIED
Definition: compat.h:87
FILE_READ_DATA
#define FILE_READ_DATA
Definition: nt_native.h:628
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
IDS_ABBR_OI
#define IDS_ABBR_OI
Definition: resource.h:5
GetCurrentDirectory
#define GetCurrentDirectory
Definition: winbase.h:3619
ConPrintf
INT __cdecl ConPrintf(IN PCON_STREAM Stream, IN LPWSTR szStr,...)
Definition: outstream.c:520
Name
struct NameRec_ * Name
Definition: cdprocs.h:464
Ace
Definition: card.h:12
_tcslen
size_t __cdecl _tcslen(const _TCHAR *str)
Definition: tcslen.h:9
NULL
smooth NULL
Definition: ftsmooth.c:416
NameRec_
Definition: apinames.c:48
RevokeUserAccessRights
static BOOL RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:544
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1104
OptionC
BOOL OptionC
Definition: cacls.c:23
_FileName
Definition: filecomp.c:347
IDS_FILE_WRITE_DATA
#define IDS_FILE_WRITE_DATA
Definition: resource.h:24
FindFirstFile
#define FindFirstFile
Definition: winbase.h:3596
IDS_ALLOW
#define IDS_ALLOW
Definition: resource.h:12
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
FORMAT_MESSAGE_FROM_SYSTEM
#define FORMAT_MESSAGE_FROM_SYSTEM
Definition: winbase.h:404
_tcschr
_TCHAR * _tcschr(const _TCHAR *s, _XINT c)
Definition: tcschr.h:4
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
FILE_WRITE_DATA
#define FILE_WRITE_DATA
Definition: nt_native.h:631
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
FILE_GENERIC_EXECUTE
#define FILE_GENERIC_EXECUTE
Definition: nt_native.h:668
OptionG
BOOL OptionG
Definition: cacls.c:24
IDS_FILE_DELETE_CHILD
#define IDS_FILE_DELETE_CHILD
Definition: resource.h:29
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:715
TCHAR
char TCHAR
Definition: xmlstorage.h:189
_T
#define _T(x)
Definition: vfdio.h:22
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
ReplaceUserAccessRights
static BOOL ReplaceUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:485
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:395
GPerm
LPCTSTR GPerm
Definition: cacls.c:25
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
if
if(!(yy_init))
Definition: macro.lex.yy.c:717
_GENERIC_MAPPING
Definition: nt_native.h:564
FindNextFile
#define FindNextFile
Definition: winbase.h:3602
ConvertSidToStringSid
#define ConvertSidToStringSid
Definition: sddl.h:160
DenyUserAccess
static BOOL DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:537
EditUserAccessRights
static BOOL EditUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:511
MAX_PATH
#define MAX_PATH
Definition: compat.h:26
OptionP
BOOL OptionP
Definition: cacls.c:24
UINT
unsigned int UINT
Definition: ndis.h:50
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
IDS_ABBR_FULL
#define IDS_ABBR_FULL
Definition: resource.h:7
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
SPECIFIC_RIGHTS_ALL
#define SPECIFIC_RIGHTS_ALL
Definition: nt_native.h:71
OptionR
BOOL OptionR
Definition: cacls.c:24
Error
BOOL Error
Definition: chkdsk.c:66
SetLastError
#define SetLastError(x)
Definition: compat.h:409
IDS_STANDARD_RIGHTS_REQUIRED
#define IDS_STANDARD_RIGHTS_REQUIRED
Definition: resource.h:35
ConMsgPuts
INT ConMsgPuts(IN PCON_STREAM Stream, IN DWORD dwFlags, IN LPCVOID lpSource OPTIONAL, IN DWORD dwMessageId, IN DWORD dwLanguageId)
Definition: outstream.c:837
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
StdErr
#define StdErr
Definition: stream.h:77
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
PSID
struct _SID * PSID
Definition: eventlog.c:35
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
FILE_READ_ATTRIBUTES
#define FILE_READ_ATTRIBUTES
Definition: nt_native.h:647
IDS_ACCESS_SYSTEM_SECURITY
#define IDS_ACCESS_SYSTEM_SECURITY
Definition: resource.h:33
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1553
ConResPuts
INT ConResPuts(IN PCON_STREAM Stream, IN UINT uID)
Definition: outstream.c:610
L
static const WCHAR L[]
Definition: oid.c:1087
WIN32_FIND_DATAA
Definition: shtypes.idl:80
FILE_EXECUTE
#define FILE_EXECUTE
Definition: nt_native.h:642
len
GLenum GLsizei len
Definition: glext.h:6722
GetFullPathName
#define GetFullPathName
Definition: winbase.h:3635
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:124
GetFileSecurity
#define GetFileSecurity
Definition: winbase.h:3631
SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1864
GUser
LPCTSTR GUser
Definition: cacls.c:25
DisplayString
VOID DisplayString(LPWSTR Msg)
Definition: misc.c:211
IDS_READ_CONTROL
#define IDS_READ_CONTROL
Definition: resource.h:39
GetFileAttributes
#define GetFileAttributes
Definition: winbase.h:3629
IDS_SPECIFIC_RIGHTS_ALL
#define IDS_SPECIFIC_RIGHTS_ALL
Definition: resource.h:34
IDS_FILE_GENERIC_READ
#define IDS_FILE_GENERIC_READ
Definition: resource.h:21
IDS_SPECIAL_ACCESS
#define IDS_SPECIAL_ACCESS
Definition: resource.h:14
OptionD
BOOL OptionD
Definition: cacls.c:24
FILE_GENERIC_WRITE
#define FILE_GENERIC_WRITE
Definition: nt_native.h:660
IDS_SYNCHRONIZE
#define IDS_SYNCHRONIZE
Definition: resource.h:36
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:78
lstrlen
#define lstrlen
Definition: winbase.h:3690
STANDARD_RIGHTS_ALL
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
x
INT x
Definition: msvc.h:62
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1061
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
IDS_ABBR_CI
#define IDS_ABBR_CI
Definition: resource.h:4
IDS_STANDARD_RIGHTS_ALL
#define IDS_STANDARD_RIGHTS_ALL
Definition: resource.h:41
IDS_FILE_APPEND_DATA
#define IDS_FILE_APPEND_DATA
Definition: resource.h:25
OptionT
BOOL OptionT
Definition: cacls.c:23
FILE_READ_EA
#define FILE_READ_EA
Definition: nt_native.h:638
IDS_HELP
#define IDS_HELP
Definition: resource.h:3
AddBackslash
static VOID AddBackslash(LPTSTR FilePath)
Definition: cacls.c:363
ConPuts
INT ConPuts(IN PCON_STREAM Stream, IN LPWSTR szStr)
Definition: outstream.c:427
DUser
LPCTSTR DUser
Definition: cacls.c:25
x2
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG _In_ LONG _In_ LONG x2
Definition: winddi.h:3706
IDS_ABBR_CHANGE
#define IDS_ABBR_CHANGE
Definition: resource.h:10
ERROR_NO_SECURITY_ON_OBJECT
#define ERROR_NO_SECURITY_ON_OBJECT
Definition: winerror.h:831
FileGenericMapping
static GENERIC_MAPPING FileGenericMapping
Definition: cacls.c:27
ChangeACLsOfFiles
static BOOL ChangeACLsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:589
IDS_GENERIC_EXECUTE
#define IDS_GENERIC_EXECUTE
Definition: resource.h:18
_tcsrchr
_TCHAR * _tcsrchr(const _TCHAR *s, _XINT c)
Definition: tcsrchr.h:4
_tcscat
_TCHAR * _tcscat(_TCHAR *s, const _TCHAR *append)
Definition: tcscat.h:8
StdOut
#define StdOut
Definition: stream.h:76
IDS_FILE_EXECUTE
#define IDS_FILE_EXECUTE
Definition: resource.h:28
STANDARD_RIGHTS_REQUIRED
#define STANDARD_RIGHTS_REQUIRED
Definition: nt_native.h:63
IDS_ABBR_READ
#define IDS_ABBR_READ
Definition: resource.h:8
pch
WCHAR * pch
Definition: msvc.h:81
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:717
IDS_DELETE
#define IDS_DELETE
Definition: resource.h:40
File
Definition: File.h:15
IDS_FILE_READ_ATTRIBUTES
#define IDS_FILE_READ_ATTRIBUTES
Definition: resource.h:30
IDS_MAXIMUM_ALLOWED
#define IDS_MAXIMUM_ALLOWED
Definition: resource.h:32
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
IDS_GENERIC_WRITE
#define IDS_GENERIC_WRITE
Definition: resource.h:17
lstrcat
#define lstrcat
Definition: winbase.h:3685
IDS_DENY
#define IDS_DENY
Definition: resource.h:13
PUser
LPCTSTR PUser
Definition: cacls.c:25
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:394
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:714
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
GetPathOfFile
static BOOL GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
Definition: cacls.c:372
ChangeFileACL
static BOOL ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
Definition: cacls.c:551
SetCurrentDirectory
#define SetCurrentDirectory
Definition: winbase.h:3717
LANG_USER_DEFAULT
#define LANG_USER_DEFAULT
Definition: tnerror.cpp:50
IDS_ABBR_WRITE
#define IDS_ABBR_WRITE
Definition: resource.h:9
DELETE
#define DELETE
Definition: nt_native.h:57
IDS_FILE_GENERIC_EXECUTE
#define IDS_FILE_GENERIC_EXECUTE
Definition: resource.h:20
lstrcpyn
#define lstrcpyn
Definition: winbase.h:3689
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
FindClose
BOOL WINAPI FindClose(HANDLE hFindFile)
Definition: find.c:502