ReactOS 0.4.16-dev-1276-g70732b0
cacls.c
Go to the documentation of this file.
1/*
2 * ReactOS Control ACLs Program
3 * Copyright (C) 2006 Thomas Weidenmueller
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 */
19
20#include "precomp.h"
21
22/* command line options */
23BOOL OptionT = FALSE, OptionE = FALSE, OptionC = FALSE;
24BOOL OptionG = FALSE, OptionR = FALSE, OptionP = FALSE, OptionD = FALSE;
25LPCTSTR GUser, GPerm, RUser, PUser, PPerm, DUser;
26
27static GENERIC_MAPPING FileGenericMapping =
28{
29 FILE_GENERIC_READ,
30 FILE_GENERIC_WRITE,
31 FILE_GENERIC_EXECUTE,
32 FILE_ALL_ACCESS
33};
34
35
36static VOID
37PrintError(DWORD dwError)
38{
39 if (dwError == ERROR_SUCCESS)
40 return;
41
42 ConMsgPuts(StdErr, FORMAT_MESSAGE_FROM_SYSTEM,
43 NULL, dwError, LANG_USER_DEFAULT);
44}
45
46static BOOL
47PrintFileDacl(IN LPTSTR FilePath,
48 IN LPTSTR FileName)
49{
50 SIZE_T Length;
51 PSECURITY_DESCRIPTOR SecurityDescriptor;
52 DWORD SDSize = 0;
53 TCHAR FullFileName[MAX_PATH + 1];
54 BOOL Error = FALSE, Ret = FALSE;
55
56 Length = _tcslen(FilePath) + _tcslen(FileName);
57 if (Length > MAX_PATH)
58 {
59 /* file name too long */
60 SetLastError(ERROR_FILE_NOT_FOUND);
61 return FALSE;
62 }
63
64 _tcscpy(FullFileName, FilePath);
65 _tcscat(FullFileName, FileName);
66
67 /* find out how much memory we need */
68 if (!GetFileSecurity(FullFileName,
69 DACL_SECURITY_INFORMATION,
70 NULL,
71 0,
72 &SDSize) &&
73 GetLastError() != ERROR_INSUFFICIENT_BUFFER)
74 {
75 return FALSE;
76 }
77
78 SecurityDescriptor = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(),
79 0,
80 SDSize);
81 if (SecurityDescriptor != NULL)
82 {
83 if (GetFileSecurity(FullFileName,
84 DACL_SECURITY_INFORMATION,
85 SecurityDescriptor,
86 SDSize,
87 &SDSize))
88 {
89 PACL Dacl;
90 BOOL DaclPresent;
91 BOOL DaclDefaulted;
92
93 if (GetSecurityDescriptorDacl(SecurityDescriptor,
94 &DaclPresent,
95 &Dacl,
96 &DaclDefaulted))
97 {
98 if (DaclPresent)
99 {
100 PACCESS_ALLOWED_ACE Ace;
101 DWORD AceIndex = 0;
102
103 /* dump the ACL */
104 while (GetAce(Dacl,
105 AceIndex,
106 (PVOID*)&Ace))
107 {
108 SID_NAME_USE Use;
109 DWORD NameSize = 0;
110 DWORD DomainSize = 0;
111 LPTSTR Name = NULL;
112 LPTSTR Domain = NULL;
113 LPTSTR SidString = NULL;
114 DWORD IndentAccess;
115 DWORD AccessMask = Ace->Mask;
116 PSID Sid = (PSID)&Ace->SidStart;
117
118 /* attempt to translate the SID into a readable string */
119 if (!LookupAccountSid(NULL,
120 Sid,
121 Name,
122 &NameSize,
123 Domain,
124 &DomainSize,
125 &Use))
126 {
127 if (GetLastError() == ERROR_NONE_MAPPED || NameSize == 0)
128 {
129 goto BuildSidString;
130 }
131 else
132 {
133 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
134 {
135 Error = TRUE;
136 break;
137 }
138
139 Name = (LPTSTR)HeapAlloc(GetProcessHeap(),
140 0,
141 (NameSize + DomainSize) * sizeof(TCHAR));
142 if (Name == NULL)
143 {
144 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
145 Error = TRUE;
146 break;
147 }
148
149 Domain = Name + NameSize;
150 Name[0] = _T('\0');
151 if (DomainSize != 0)
152 Domain[0] = _T('\0');
153 if (!LookupAccountSid(NULL,
154 Sid,
155 Name,
156 &NameSize,
157 Domain,
158 &DomainSize,
159 &Use))
160 {
161 HeapFree(GetProcessHeap(),
162 0,
163 Name);
164 Name = NULL;
165 goto BuildSidString;
166 }
167 }
168 }
169 else
170 {
171BuildSidString:
172 if (!ConvertSidToStringSid(Sid,
173 &SidString))
174 {
175 Error = TRUE;
176 break;
177 }
178 }
179
180 /* print the file name or space */
181 ConPrintf(StdOut, L"%s ", FullFileName);
182
183 /* attempt to map the SID to a user name */
184 if (AceIndex == 0)
185 {
186 DWORD i = 0;
187
188 /* overwrite the full file name with spaces so we
189 only print the file name once */
190 while (FullFileName[i] != _T('\0'))
191 FullFileName[i++] = _T(' ');
192 }
193
194 /* print the domain and/or user if possible, or the SID string */
195 if (Name != NULL && Domain[0] != _T('\0'))
196 {
197 ConPrintf(StdOut, L"%s\\%s:", Domain, Name);
198 IndentAccess = (DWORD)_tcslen(Domain) + _tcslen(Name);
199 }
200 else
201 {
202 LPTSTR DisplayString = (Name != NULL ? Name : SidString);
203
204 ConPrintf(StdOut, L"%s:", DisplayString);
205 IndentAccess = (DWORD)_tcslen(DisplayString);
206 }
207
208 /* print the ACE Flags */
209 if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE)
210 {
211 IndentAccess += ConResPuts(StdOut, IDS_ABBR_CI);
212 }
213 if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE)
214 {
215 IndentAccess += ConResPuts(StdOut, IDS_ABBR_OI);
216 }
217 if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
218 {
219 IndentAccess += ConResPuts(StdOut, IDS_ABBR_IO);
220 }
221
222 IndentAccess += 2;
223
224 /* print the access rights */
225 MapGenericMask(&AccessMask,
226 &FileGenericMapping);
227 if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
228 {
229 if (AccessMask == FILE_ALL_ACCESS)
230 {
231 ConResPuts(StdOut, IDS_ABBR_NONE);
232 }
233 else
234 {
235 ConResPuts(StdOut, IDS_DENY);
236 goto PrintSpecialAccess;
237 }
238 }
239 else
240 {
241 if (AccessMask == FILE_ALL_ACCESS)
242 {
243 ConResPuts(StdOut, IDS_ABBR_FULL);
244 }
245 else if (!(Ace->Mask & (GENERIC_READ | GENERIC_EXECUTE)) &&
246 AccessMask == (FILE_GENERIC_READ | FILE_EXECUTE))
247 {
248 ConResPuts(StdOut, IDS_ABBR_READ);
249 }
250 else if (AccessMask == (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_EXECUTE | DELETE))
251 {
252 ConResPuts(StdOut, IDS_ABBR_CHANGE);
253 }
254 else if (AccessMask == FILE_GENERIC_WRITE)
255 {
256 ConResPuts(StdOut, IDS_ABBR_WRITE);
257 }
258 else
259 {
260 DWORD x, x2;
261 static const struct
262 {
263 DWORD Access;
264 UINT uID;
265 }
266 AccessRights[] =
267 {
268 {FILE_WRITE_ATTRIBUTES, IDS_FILE_WRITE_ATTRIBUTES},
269 {FILE_READ_ATTRIBUTES, IDS_FILE_READ_ATTRIBUTES},
270 {FILE_DELETE_CHILD, IDS_FILE_DELETE_CHILD},
271 {FILE_EXECUTE, IDS_FILE_EXECUTE},
272 {FILE_WRITE_EA, IDS_FILE_WRITE_EA},
273 {FILE_READ_EA, IDS_FILE_READ_EA},
274 {FILE_APPEND_DATA, IDS_FILE_APPEND_DATA},
275 {FILE_WRITE_DATA, IDS_FILE_WRITE_DATA},
276 {FILE_READ_DATA, IDS_FILE_READ_DATA},
277 {FILE_GENERIC_EXECUTE, IDS_FILE_GENERIC_EXECUTE},
278 {FILE_GENERIC_WRITE, IDS_FILE_GENERIC_WRITE},
279 {FILE_GENERIC_READ, IDS_FILE_GENERIC_READ},
280 {GENERIC_ALL, IDS_GENERIC_ALL},
281 {GENERIC_EXECUTE, IDS_GENERIC_EXECUTE},
282 {GENERIC_WRITE, IDS_GENERIC_WRITE},
283 {GENERIC_READ, IDS_GENERIC_READ},
284 {MAXIMUM_ALLOWED, IDS_MAXIMUM_ALLOWED},
285 {ACCESS_SYSTEM_SECURITY, IDS_ACCESS_SYSTEM_SECURITY},
286 {SPECIFIC_RIGHTS_ALL, IDS_SPECIFIC_RIGHTS_ALL},
287 {STANDARD_RIGHTS_REQUIRED, IDS_STANDARD_RIGHTS_REQUIRED},
288 {SYNCHRONIZE, IDS_SYNCHRONIZE},
289 {WRITE_OWNER, IDS_WRITE_OWNER},
290 {WRITE_DAC, IDS_WRITE_DAC},
291 {READ_CONTROL, IDS_READ_CONTROL},
292 {DELETE, IDS_DELETE},
293 {STANDARD_RIGHTS_ALL, IDS_STANDARD_RIGHTS_ALL},
294 };
295
296 ConResPuts(StdOut, IDS_ALLOW);
297
298PrintSpecialAccess:
299 ConResPuts(StdOut, IDS_SPECIAL_ACCESS);
300
301 /* print the special access rights */
302 x = ARRAYSIZE(AccessRights);
303 while (x-- != 0)
304 {
305 if ((Ace->Mask & AccessRights[x].Access) == AccessRights[x].Access)
306 {
307 ConPrintf(StdOut, L"\n%s ", FullFileName);
308 for (x2 = 0; x2 < IndentAccess; x2++)
309 {
310 ConPuts(StdOut, L" ");
311 }
312
313 ConResPuts(StdOut, AccessRights[x].uID);
314 }
315 }
316
317 ConPuts(StdOut, L"\n");
318 }
319 }
320
321 ConPuts(StdOut, L"\n");
322
323 /* free up all resources */
324 if (Name != NULL)
325 {
326 HeapFree(GetProcessHeap(),
327 0,
328 Name);
329 }
330
331 if (SidString != NULL)
332 {
333 LocalFree((HLOCAL)SidString);
334 }
335
336 AceIndex++;
337 }
338
339 if (!Error)
340 Ret = TRUE;
341 }
342 else
343 {
344 SetLastError(ERROR_NO_SECURITY_ON_OBJECT);
345 }
346 }
347 }
348
349 HeapFree(GetProcessHeap(),
350 0,
351 SecurityDescriptor);
352 }
353 else
354 {
355 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
356 }
357
358 return Ret;
359}
360
361/* add a backslash at end to a path string if necessary */
362static VOID
363AddBackslash(LPTSTR FilePath)
364{
365 INT len = lstrlen(FilePath);
366 LPTSTR pch = CharPrev(FilePath, FilePath + len);
367 if (*pch != _T('\\'))
368 lstrcat(pch, _T("\\"));
369}
370
371static BOOL
372GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
373{
374 TCHAR FullPath[MAX_PATH];
375 LPTSTR pch;
376 DWORD attrs;
377
378 lstrcpyn(FilePath, pszFiles, MAX_PATH);
379 pch = _tcsrchr(FilePath, _T('\\'));
380 if (pch != NULL)
381 {
382 *pch = 0;
383 if (!GetFullPathName(FilePath, MAX_PATH, FullPath, NULL))
384 {
385 PrintError(GetLastError());
386 return FALSE;
387 }
388 lstrcpyn(FilePath, FullPath, MAX_PATH);
389
390 attrs = GetFileAttributes(FilePath);
391 if (attrs == 0xFFFFFFFF || !(attrs & FILE_ATTRIBUTE_DIRECTORY))
392 {
393 PrintError(ERROR_DIRECTORY);
394 return FALSE;
395 }
396 }
397 else
398 GetCurrentDirectory(MAX_PATH, FilePath);
399
400 AddBackslash(FilePath);
401 return TRUE;
402}
403
404static BOOL
405PrintDaclsOfFiles(LPCTSTR pszFiles)
406{
407 TCHAR FilePath[MAX_PATH];
408 WIN32_FIND_DATA FindData;
409 HANDLE hFind;
410 DWORD LastError;
411
412 /*
413 * get the file path
414 */
415 if (!GetPathOfFile(FilePath, pszFiles))
416 return FALSE;
417
418 /*
419 * search for the files
420 */
421 hFind = FindFirstFile(pszFiles, &FindData);
422 if (hFind == INVALID_HANDLE_VALUE)
423 return FALSE;
424
425 do
426 {
427 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
428 continue;
429
430 if (!PrintFileDacl(FilePath, FindData.cFileName))
431 {
432 LastError = GetLastError();
433 if (LastError == ERROR_ACCESS_DENIED)
434 {
435 PrintError(LastError);
436 if (!OptionC)
437 {
438 FindClose(hFind);
439 return FALSE;
440 }
441 }
442 else
443 {
444 break;
445 }
446 }
447 else
448 {
449 ConPuts(StdOut, L"\n");
450 }
451 } while(FindNextFile(hFind, &FindData));
452 LastError = GetLastError();
453 FindClose(hFind);
454
455 if (LastError != ERROR_NO_MORE_FILES)
456 {
457 PrintError(LastError);
458 return FALSE;
459 }
460
461 return TRUE;
462}
463
464static BOOL
465GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
466{
467 /* TODO & FIXME */
468 switch(Perm)
469 {
470 case _T('R'): // Read
471 break;
472 case _T('W'): // Write
473 break;
474 case _T('C'): // Change (write)
475 break;
476 case _T('F'): // Full control
477 break;
478 default:
479 break;
480 }
481 return FALSE;
482}
483
484static BOOL
485ReplaceUserAccessRights(
486 LPCTSTR FilePath,
487 LPCTSTR File,
488 LPCTSTR User,
489 TCHAR Perm)
490{
491 /* TODO & FIXME */
492 switch(Perm)
493 {
494 case _T('N'): // None
495 break;
496 case _T('R'): // Read
497 break;
498 case _T('W'): // Write
499 break;
500 case _T('C'): // Change (write)
501 break;
502 case _T('F'): // Full control
503 break;
504 default:
505 break;
506 }
507 return FALSE;
508}
509
510static BOOL
511EditUserAccessRights(
512 LPCTSTR FilePath,
513 LPCTSTR File,
514 LPCTSTR User,
515 TCHAR Perm)
516{
517 /* TODO & FIXME */
518 switch(Perm)
519 {
520 case _T('N'): // None
521 break;
522 case _T('R'): // Read
523 break;
524 case _T('W'): // Write
525 break;
526 case _T('C'): // Change (write)
527 break;
528 case _T('F'): // Full control
529 break;
530 default:
531 break;
532 }
533 return FALSE;
534}
535
536static BOOL
537DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
538{
539 /* TODO & FIXME */
540 return FALSE;
541}
542
543static BOOL
544RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
545{
546 /* TODO & FIXME */
547 return FALSE;
548}
549
550static BOOL
551ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
552{
553 if (OptionG)
554 {
555 /* Grant specified user access rights. */
556 GrantUserAccessRights(FilePath, File, GUser, *GPerm);
557 }
558
559 if (OptionP)
560 {
561 if (!OptionE)
562 {
563 /* Replace specified user's access rights. */
564 ReplaceUserAccessRights(FilePath, File, PUser, *PPerm);
565 }
566 else
567 {
568 /* Edit ACL instead of replacing it. */
569 EditUserAccessRights(FilePath, File, PUser, *PPerm);
570 }
571 }
572
573 if (OptionD)
574 {
575 /* Deny specified user access. */
576 DenyUserAccess(FilePath, File, DUser);
577 }
578
579 if (OptionR)
580 {
581 /* Revoke specified user's access rights. */
582 RevokeUserAccessRights(FilePath, File, RUser);
583 }
584
585 return TRUE;
586}
587
588static BOOL
589ChangeACLsOfFiles(LPCTSTR pszFiles)
590{
591 TCHAR FilePath[MAX_PATH];
592 HANDLE hFind;
593 WIN32_FIND_DATA FindData;
594 DWORD LastError;
595
596 /*
597 * get the file path
598 */
599 if (!GetPathOfFile(FilePath, pszFiles))
600 return FALSE;
601
602 /*
603 * search for files in current directory
604 */
605 hFind = FindFirstFile(pszFiles, &FindData);
606 if (hFind == INVALID_HANDLE_VALUE)
607 return FALSE;
608
609 do
610 {
611 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
612 continue;
613
614 if (!ChangeFileACL(FilePath, FindData.cFileName))
615 {
616 LastError = GetLastError();
617 if (LastError == ERROR_ACCESS_DENIED)
618 {
619 PrintError(LastError);
620 if (!OptionC)
621 {
622 FindClose(hFind);
623 return FALSE;
624 }
625 }
626 else
627 break;
628 }
629 } while(FindNextFile(hFind, &FindData));
630
631 LastError = GetLastError();
632 FindClose(hFind);
633
634 if (LastError != ERROR_NO_MORE_FILES)
635 {
636 PrintError(LastError);
637 return FALSE;
638 }
639
640 return TRUE;
641}
642
643static BOOL
644ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
645{
646 HANDLE hFind;
647 WIN32_FIND_DATA FindData;
648 TCHAR szCurDir[MAX_PATH];
649 DWORD LastError;
650
651 /*
652 * get the file path (current directory)
653 */
654 GetCurrentDirectory(MAX_PATH, szCurDir);
655 AddBackslash(szCurDir);
656
657 /*
658 * search for files in current directory
659 */
660 hFind = FindFirstFile(pszFiles, &FindData);
661 if (hFind == INVALID_HANDLE_VALUE)
662 return FALSE;
663
664 do
665 {
666 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
667 continue;
668
669 if (!ChangeFileACL(szCurDir, FindData.cFileName))
670 {
671 LastError = GetLastError();
672 if (LastError == ERROR_ACCESS_DENIED)
673 {
674 PrintError(LastError);
675 if (!OptionC)
676 {
677 FindClose(hFind);
678 return FALSE;
679 }
680 }
681 else
682 break;
683 }
684 } while(FindNextFile(hFind, &FindData));
685
686 LastError = GetLastError();
687 FindClose(hFind);
688
689 if (LastError != ERROR_NO_MORE_FILES)
690 {
691 PrintError(LastError);
692 return FALSE;
693 }
694
695 /*
696 * search for subdirectory in current directory
697 */
698 hFind = FindFirstFile(_T("*"), &FindData);
699 if (hFind == INVALID_HANDLE_VALUE)
700 return FALSE;
701 do
702 {
703 if (_tcscmp(FindData.cFileName, _T(".")) == 0 ||
704 _tcscmp(FindData.cFileName, _T("..")) == 0)
705 continue;
706
707 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
708 {
709 GetCurrentDirectory(MAX_PATH, szCurDir);
710 if (SetCurrentDirectory(FindData.cFileName))
711 {
712 ChangeACLsOfFilesInCurDir(pszFiles);
713 SetCurrentDirectory(szCurDir);
714 }
715 else
716 {
717 LastError = GetLastError();
718 if (LastError == ERROR_ACCESS_DENIED)
719 {
720 PrintError(LastError);
721 if (!OptionC)
722 {
723 FindClose(hFind);
724 return FALSE;
725 }
726 }
727 else
728 break;
729 }
730 }
731 } while(FindNextFile(hFind, &FindData));
732 LastError = GetLastError();
733 FindClose(hFind);
734
735 if (LastError != ERROR_NO_MORE_FILES)
736 {
737 PrintError(LastError);
738 return FALSE;
739 }
740 return TRUE;
741}
742
743int _tmain(int argc, const TCHAR *argv[])
744{
745 INT i;
746 LPTSTR pch;
747 BOOL InvalidParameter = FALSE;
748
749 /* Initialize the Console Standard Streams */
750 ConInitStdStreams();
751
752 if (argc <= 1)
753 {
754 ConResPuts(StdOut, IDS_HELP);
755 return 0;
756 }
757
758 // FIXME: Convert to proper parsing, with support for /?
759
760 /*
761 * parse command line options
762 */
763 for (i = 2; i < argc; i++)
764 {
765 if (lstrcmpi(argv[i], _T("/T")) == 0)
766 {
767 OptionT = TRUE;
768 }
769 else if (lstrcmpi(argv[i], _T("/E")) == 0)
770 {
771 OptionE = TRUE;
772 }
773 else if (lstrcmpi(argv[i], _T("/C")) == 0)
774 {
775 OptionC = TRUE;
776 }
777 else if (lstrcmpi(argv[i], _T("/G")) == 0)
778 {
779 if (i + 1 < argc)
780 {
781 pch = _tcschr(argv[++i], _T(':'));
782 if (pch != NULL)
783 {
784 OptionG = TRUE;
785 *pch = 0;
786 GUser = argv[i];
787 GPerm = pch + 1;
788 continue;
789 }
790 }
791 InvalidParameter = TRUE;
792 break;
793 }
794 else if (lstrcmpi(argv[i], _T("/R")) == 0)
795 {
796 if (i + 1 < argc)
797 {
798 RUser = argv[++i];
799 OptionR = TRUE;
800 continue;
801 }
802 InvalidParameter = TRUE;
803 break;
804 }
805 else if (lstrcmpi(argv[i], _T("/P")) == 0)
806 {
807 if (i + 1 < argc)
808 {
809 pch = _tcschr(argv[++i], _T(':'));
810 if (pch != NULL)
811 {
812 OptionP = TRUE;
813 *pch = 0;
814 PUser = argv[i];
815 PPerm = pch + 1;
816 continue;
817 }
818 }
819 InvalidParameter = TRUE;
820 break;
821 }
822 else if (lstrcmpi(argv[i], _T("/D")) == 0)
823 {
824 if (i + 1 < argc)
825 {
826 OptionD = TRUE;
827 DUser = argv[++i];
828 continue;
829 }
830 InvalidParameter = TRUE;
831 break;
832 }
833 else
834 {
835 InvalidParameter = TRUE;
836 break;
837 }
838 }
839
840 if (InvalidParameter)
841 {
842 PrintError(ERROR_INVALID_PARAMETER);
843 ConResPuts(StdOut, IDS_HELP);
844 return 1;
845 }
846
847 /* /R is only valid with /E */
848 if (OptionR && !OptionE)
849 {
850 OptionR = FALSE;
851 }
852
853 PrintDaclsOfFiles(argv[1]);
854
855 if (OptionT)
856 {
857 ChangeACLsOfFilesInCurDir(argv[1]);
858 }
859 else
860 {
861 ChangeACLsOfFiles(argv[1]);
862 }
863
864 return 0;
865}
FilePath
PCWSTR FilePath
Definition: PrivateExtractIcons.c:81
argc
static int argc
Definition: ServiceArgs.c:12
IDS_ALLOW
#define IDS_ALLOW
Definition: resource.h:12
IDS_ABBR_FULL
#define IDS_ABBR_FULL
Definition: resource.h:7
IDS_ABBR_WRITE
#define IDS_ABBR_WRITE
Definition: resource.h:9
IDS_GENERIC_READ
#define IDS_GENERIC_READ
Definition: resource.h:16
IDS_FILE_APPEND_DATA
#define IDS_FILE_APPEND_DATA
Definition: resource.h:25
IDS_STANDARD_RIGHTS_ALL
#define IDS_STANDARD_RIGHTS_ALL
Definition: resource.h:41
IDS_FILE_READ_EA
#define IDS_FILE_READ_EA
Definition: resource.h:26
IDS_FILE_READ_ATTRIBUTES
#define IDS_FILE_READ_ATTRIBUTES
Definition: resource.h:30
IDS_READ_CONTROL
#define IDS_READ_CONTROL
Definition: resource.h:39
IDS_ABBR_READ
#define IDS_ABBR_READ
Definition: resource.h:8
IDS_FILE_GENERIC_WRITE
#define IDS_FILE_GENERIC_WRITE
Definition: resource.h:22
IDS_ABBR_OI
#define IDS_ABBR_OI
Definition: resource.h:5
IDS_GENERIC_EXECUTE
#define IDS_GENERIC_EXECUTE
Definition: resource.h:18
IDS_GENERIC_WRITE
#define IDS_GENERIC_WRITE
Definition: resource.h:17
IDS_DELETE
#define IDS_DELETE
Definition: resource.h:40
IDS_SPECIFIC_RIGHTS_ALL
#define IDS_SPECIFIC_RIGHTS_ALL
Definition: resource.h:34
IDS_FILE_READ_DATA
#define IDS_FILE_READ_DATA
Definition: resource.h:23
IDS_FILE_EXECUTE
#define IDS_FILE_EXECUTE
Definition: resource.h:28
IDS_FILE_GENERIC_EXECUTE
#define IDS_FILE_GENERIC_EXECUTE
Definition: resource.h:20
IDS_SYNCHRONIZE
#define IDS_SYNCHRONIZE
Definition: resource.h:36
IDS_WRITE_DAC
#define IDS_WRITE_DAC
Definition: resource.h:38
IDS_FILE_DELETE_CHILD
#define IDS_FILE_DELETE_CHILD
Definition: resource.h:29
IDS_SPECIAL_ACCESS
#define IDS_SPECIAL_ACCESS
Definition: resource.h:14
IDS_FILE_WRITE_EA
#define IDS_FILE_WRITE_EA
Definition: resource.h:27
IDS_FILE_WRITE_DATA
#define IDS_FILE_WRITE_DATA
Definition: resource.h:24
IDS_MAXIMUM_ALLOWED
#define IDS_MAXIMUM_ALLOWED
Definition: resource.h:32
IDS_WRITE_OWNER
#define IDS_WRITE_OWNER
Definition: resource.h:37
IDS_GENERIC_ALL
#define IDS_GENERIC_ALL
Definition: resource.h:19
IDS_FILE_WRITE_ATTRIBUTES
#define IDS_FILE_WRITE_ATTRIBUTES
Definition: resource.h:31
IDS_ABBR_IO
#define IDS_ABBR_IO
Definition: resource.h:6
IDS_STANDARD_RIGHTS_REQUIRED
#define IDS_STANDARD_RIGHTS_REQUIRED
Definition: resource.h:35
IDS_ABBR_NONE
#define IDS_ABBR_NONE
Definition: resource.h:11
IDS_FILE_GENERIC_READ
#define IDS_FILE_GENERIC_READ
Definition: resource.h:21
IDS_DENY
#define IDS_DENY
Definition: resource.h:13
IDS_ACCESS_SYSTEM_SECURITY
#define IDS_ACCESS_SYSTEM_SECURITY
Definition: resource.h:33
IDS_ABBR_CHANGE
#define IDS_ABBR_CHANGE
Definition: resource.h:10
IDS_ABBR_CI
#define IDS_ABBR_CI
Definition: resource.h:4
IDS_HELP
#define IDS_HELP
Definition: resource.h:3
ConPuts
void ConPuts(FILE *fp, LPCWSTR psz)
Definition: fc.c:16
ConInitStdStreams
#define ConInitStdStreams()
Definition: fc.c:13
ConPrintf
void ConPrintf(FILE *fp, LPCWSTR psz,...)
Definition: fc.c:20
StdOut
#define StdOut
Definition: fc.c:14
StdErr
#define StdErr
Definition: fc.c:15
ConResPuts
void ConResPuts(FILE *fp, UINT nID)
Definition: fc.c:27
DisplayString
VOID DisplayString(LPWSTR Msg)
Definition: misc.c:211
Error
BOOL Error
Definition: chkdsk.c:66
PUser
LPCTSTR PUser
Definition: cacls.c:25
DenyUserAccess
static BOOL DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:537
PrintFileDacl
static BOOL PrintFileDacl(IN LPTSTR FilePath, IN LPTSTR FileName)
Definition: cacls.c:47
PrintError
static VOID PrintError(DWORD dwError)
Definition: cacls.c:37
OptionR
BOOL OptionR
Definition: cacls.c:24
GUser
LPCTSTR GUser
Definition: cacls.c:25
ChangeFileACL
static BOOL ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
Definition: cacls.c:551
GrantUserAccessRights
static BOOL GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:465
ReplaceUserAccessRights
static BOOL ReplaceUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:485
OptionP
BOOL OptionP
Definition: cacls.c:24
OptionD
BOOL OptionD
Definition: cacls.c:24
PPerm
LPCTSTR PPerm
Definition: cacls.c:25
FileGenericMapping
static GENERIC_MAPPING FileGenericMapping
Definition: cacls.c:27
PrintDaclsOfFiles
static BOOL PrintDaclsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:405
DUser
LPCTSTR DUser
Definition: cacls.c:25
AddBackslash
static VOID AddBackslash(LPTSTR FilePath)
Definition: cacls.c:363
OptionE
BOOL OptionE
Definition: cacls.c:23
EditUserAccessRights
static BOOL EditUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:511
GPerm
LPCTSTR GPerm
Definition: cacls.c:25
OptionC
BOOL OptionC
Definition: cacls.c:23
ChangeACLsOfFiles
static BOOL ChangeACLsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:589
ChangeACLsOfFilesInCurDir
static BOOL ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
Definition: cacls.c:644
GetPathOfFile
static BOOL GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
Definition: cacls.c:372
OptionG
BOOL OptionG
Definition: cacls.c:24
RUser
LPCTSTR RUser
Definition: cacls.c:25
OptionT
BOOL OptionT
Definition: cacls.c:23
RevokeUserAccessRights
static BOOL RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:544
Ace
@ Ace
Definition: card.h:12
File
Definition: File.h:16
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
Name
LPWSTR Name
Definition: desk.c:124
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1186
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
SetLastError
#define SetLastError(x)
Definition: compat.h:752
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
ERROR_ACCESS_DENIED
#define ERROR_ACCESS_DENIED
Definition: compat.h:97
FindClose
BOOL WINAPI FindClose(HANDLE hFindFile)
Definition: find.c:502
MapGenericMask
void WINAPI MapGenericMask(PDWORD access, PGENERIC_MAPPING mapping)
Definition: security.c:1445
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
InvalidParameter
@ InvalidParameter
Definition: gdiplustypes.h:28
x
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
len
GLenum GLsizei len
Definition: glext.h:6722
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
_tcscmp
#define _tcscmp
Definition: tchar.h:1424
_tcscat
#define _tcscat
Definition: tchar.h:622
_tcscpy
#define _tcscpy
Definition: tchar.h:623
_tmain
#define _tmain
Definition: tchar.h:497
_tcschr
#define _tcschr
Definition: tchar.h:1406
if
if(dx< 0)
Definition: linetemp.h:194
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
pch
#define pch(ap)
Definition: match.c:418
_tcsrchr
#define _tcsrchr
Definition: utility.h:116
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
argv
#define argv
Definition: mplay32.c:18
PSID
struct _SID * PSID
Definition: eventlog.c:35
PSECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: security.c:98
UINT
unsigned int UINT
Definition: ndis.h:50
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1617
DaclPresent
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1659
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1157
DaclDefaulted
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1662
SPECIFIC_RIGHTS_ALL
#define SPECIFIC_RIGHTS_ALL
Definition: nt_native.h:71
SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61
FILE_WRITE_DATA
#define FILE_WRITE_DATA
Definition: nt_native.h:631
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
FILE_READ_DATA
#define FILE_READ_DATA
Definition: nt_native.h:628
FILE_GENERIC_EXECUTE
#define FILE_GENERIC_EXECUTE
Definition: nt_native.h:668
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
FILE_READ_ATTRIBUTES
#define FILE_READ_ATTRIBUTES
Definition: nt_native.h:647
FILE_DELETE_CHILD
#define FILE_DELETE_CHILD
Definition: nt_native.h:645
FILE_READ_EA
#define FILE_READ_EA
Definition: nt_native.h:638
FILE_EXECUTE
#define FILE_EXECUTE
Definition: nt_native.h:642
FILE_WRITE_ATTRIBUTES
#define FILE_WRITE_ATTRIBUTES
Definition: nt_native.h:649
STANDARD_RIGHTS_ALL
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
FILE_APPEND_DATA
#define FILE_APPEND_DATA
Definition: nt_native.h:634
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
DELETE
#define DELETE
Definition: nt_native.h:57
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
FILE_ALL_ACCESS
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
DWORD
#define DWORD
Definition: nt_native.h:44
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
FILE_GENERIC_READ
#define FILE_GENERIC_READ
Definition: nt_native.h:653
FILE_WRITE_EA
#define FILE_WRITE_EA
Definition: nt_native.h:640
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
FILE_GENERIC_WRITE
#define FILE_GENERIC_WRITE
Definition: nt_native.h:660
STANDARD_RIGHTS_REQUIRED
#define STANDARD_RIGHTS_REQUIRED
Definition: nt_native.h:63
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
L
#define L(x)
Definition: ntvdm.h:50
ConMsgPuts
INT ConMsgPuts(IN PCON_STREAM Stream, IN DWORD dwFlags, IN LPCVOID lpSource OPTIONAL, IN DWORD dwMessageId, IN DWORD dwLanguageId)
Definition: outstream.c:837
ConvertSidToStringSid
#define ConvertSidToStringSid
Definition: sddl.h:160
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
WIN32_FIND_DATAA
Definition: shtypes.idl:80
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
_ACL
Definition: ms-dtyp.idl:293
_FileName
Definition: filecomp.c:348
_GENERIC_MAPPING
Definition: nt_native.h:564
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID
Definition: ms-dtyp.idl:198
LANG_USER_DEFAULT
#define LANG_USER_DEFAULT
Definition: tnerror.cpp:50
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
INT
int32_t INT
Definition: typedefs.h:58
IN
#define IN
Definition: typedefs.h:39
_T
#define _T(x)
Definition: vfdio.h:22
lstrcpyn
#define lstrcpyn
Definition: winbase.h:3916
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3908
GetFileAttributes
#define GetFileAttributes
Definition: winbase.h:3856
SetCurrentDirectory
#define SetCurrentDirectory
Definition: winbase.h:3944
GetFileSecurity
#define GetFileSecurity
Definition: winbase.h:3858
FORMAT_MESSAGE_FROM_SYSTEM
#define FORMAT_MESSAGE_FROM_SYSTEM
Definition: winbase.h:456
FindNextFile
#define FindNextFile
Definition: winbase.h:3829
lstrcmpi
#define lstrcmpi
Definition: winbase.h:3914
FindFirstFile
#define FindFirstFile
Definition: winbase.h:3823
lstrlen
#define lstrlen
Definition: winbase.h:3917
lstrcat
#define lstrcat
Definition: winbase.h:3912
GetCurrentDirectory
#define GetCurrentDirectory
Definition: winbase.h:3846
GetFullPathName
#define GetFullPathName
Definition: winbase.h:3862
x2
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG _In_ LONG _In_ LONG x2
Definition: winddi.h:3710
ERROR_DIRECTORY
#define ERROR_DIRECTORY
Definition: winerror.h:295
ERROR_NO_SECURITY_ON_OBJECT
#define ERROR_NO_SECURITY_ON_OBJECT
Definition: winerror.h:831
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
ERROR_NONE_MAPPED
#define ERROR_NONE_MAPPED
Definition: winerror.h:814
CharPrev
#define CharPrev
Definition: winuser.h:5826
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1879
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718
TCHAR
char TCHAR
Definition: xmlstorage.h:189
LPCTSTR
const CHAR * LPCTSTR
Definition: xmlstorage.h:193
LPTSTR
CHAR * LPTSTR
Definition: xmlstorage.h:192
_tcslen
#define _tcslen
Definition: xmlstorage.h:198