ReactOS  0.4.15-dev-321-g2d9b385
cacls.c
Go to the documentation of this file.
1 /*
2  * ReactOS Control ACLs Program
3  * Copyright (C) 2006 Thomas Weidenmueller
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General Public
16  * License along with this library; if not, write to the Free Software
17  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18  */
19 
20 #include "precomp.h"
21 
22 /* command line options */
23 BOOL OptionT = FALSE, OptionE = FALSE, OptionC = FALSE;
24 BOOL OptionG = FALSE, OptionR = FALSE, OptionP = FALSE, OptionD = FALSE;
25 LPCTSTR GUser, GPerm, RUser, PUser, PPerm, DUser;
26 
27 static GENERIC_MAPPING FileGenericMapping =
28 {
29  FILE_GENERIC_READ,
30  FILE_GENERIC_WRITE,
31  FILE_GENERIC_EXECUTE,
32  FILE_ALL_ACCESS
33 };
34 
35 
36 static VOID
37 PrintError(DWORD dwError)
38 {
39  if (dwError == ERROR_SUCCESS)
40  return;
41 
42  ConMsgPuts(StdErr, FORMAT_MESSAGE_FROM_SYSTEM,
43  NULL, dwError, LANG_USER_DEFAULT);
44 }
45 
46 static BOOL
47 PrintFileDacl(IN LPTSTR FilePath,
48  IN LPTSTR FileName)
49 {
50  SIZE_T Length;
51  PSECURITY_DESCRIPTOR SecurityDescriptor;
52  DWORD SDSize = 0;
53  TCHAR FullFileName[MAX_PATH + 1];
54  BOOL Error = FALSE, Ret = FALSE;
55 
56  Length = _tcslen(FilePath) + _tcslen(FileName);
57  if (Length > MAX_PATH)
58  {
59  /* file name too long */
60  SetLastError(ERROR_FILE_NOT_FOUND);
61  return FALSE;
62  }
63 
64  _tcscpy(FullFileName, FilePath);
65  _tcscat(FullFileName, FileName);
66 
67  /* find out how much memory we need */
68  if (!GetFileSecurity(FullFileName,
69  DACL_SECURITY_INFORMATION,
70  NULL,
71  0,
72  &SDSize) &&
73  GetLastError() != ERROR_INSUFFICIENT_BUFFER)
74  {
75  return FALSE;
76  }
77 
78  SecurityDescriptor = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(),
79  0,
80  SDSize);
81  if (SecurityDescriptor != NULL)
82  {
83  if (GetFileSecurity(FullFileName,
84  DACL_SECURITY_INFORMATION,
85  SecurityDescriptor,
86  SDSize,
87  &SDSize))
88  {
89  PACL Dacl;
90  BOOL DaclPresent;
91  BOOL DaclDefaulted;
92 
93  if (GetSecurityDescriptorDacl(SecurityDescriptor,
94  &DaclPresent,
95  &Dacl,
96  &DaclDefaulted))
97  {
98  if (DaclPresent)
99  {
100  PACCESS_ALLOWED_ACE Ace;
101  DWORD AceIndex = 0;
102 
103  /* dump the ACL */
104  while (GetAce(Dacl,
105  AceIndex,
106  (PVOID*)&Ace))
107  {
108  SID_NAME_USE Use;
109  DWORD NameSize = 0;
110  DWORD DomainSize = 0;
111  LPTSTR Name = NULL;
112  LPTSTR Domain = NULL;
113  LPTSTR SidString = NULL;
114  DWORD IndentAccess;
115  DWORD AccessMask = Ace->Mask;
116  PSID Sid = (PSID)&Ace->SidStart;
117 
118  /* attempt to translate the SID into a readable string */
119  if (!LookupAccountSid(NULL,
120  Sid,
121  Name,
122  &NameSize,
123  Domain,
124  &DomainSize,
125  &Use))
126  {
127  if (GetLastError() == ERROR_NONE_MAPPED || NameSize == 0)
128  {
129  goto BuildSidString;
130  }
131  else
132  {
133  if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
134  {
135  Error = TRUE;
136  break;
137  }
138 
139  Name = (LPTSTR)HeapAlloc(GetProcessHeap(),
140  0,
141  (NameSize + DomainSize) * sizeof(TCHAR));
142  if (Name == NULL)
143  {
144  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
145  Error = TRUE;
146  break;
147  }
148 
149  Domain = Name + NameSize;
150  Name[0] = _T('\0');
151  if (DomainSize != 0)
152  Domain[0] = _T('\0');
153  if (!LookupAccountSid(NULL,
154  Sid,
155  Name,
156  &NameSize,
157  Domain,
158  &DomainSize,
159  &Use))
160  {
161  HeapFree(GetProcessHeap(),
162  0,
163  Name);
164  Name = NULL;
165  goto BuildSidString;
166  }
167  }
168  }
169  else
170  {
171 BuildSidString:
172  if (!ConvertSidToStringSid(Sid,
173  &SidString))
174  {
175  Error = TRUE;
176  break;
177  }
178  }
179 
180  /* print the file name or space */
181  ConPrintf(StdOut, L"%s ", FullFileName);
182 
183  /* attempt to map the SID to a user name */
184  if (AceIndex == 0)
185  {
186  DWORD i = 0;
187 
188  /* overwrite the full file name with spaces so we
189  only print the file name once */
190  while (FullFileName[i] != _T('\0'))
191  FullFileName[i++] = _T(' ');
192  }
193 
194  /* print the domain and/or user if possible, or the SID string */
195  if (Name != NULL && Domain[0] != _T('\0'))
196  {
197  ConPrintf(StdOut, L"%s\\%s:", Domain, Name);
198  IndentAccess = (DWORD)_tcslen(Domain) + _tcslen(Name);
199  }
200  else
201  {
202  LPTSTR DisplayString = (Name != NULL ? Name : SidString);
203 
204  ConPrintf(StdOut, L"%s:", DisplayString);
205  IndentAccess = (DWORD)_tcslen(DisplayString);
206  }
207 
208  /* print the ACE Flags */
209  if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE)
210  {
211  IndentAccess += ConResPuts(StdOut, IDS_ABBR_CI);
212  }
213  if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE)
214  {
215  IndentAccess += ConResPuts(StdOut, IDS_ABBR_OI);
216  }
217  if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
218  {
219  IndentAccess += ConResPuts(StdOut, IDS_ABBR_IO);
220  }
221 
222  IndentAccess += 2;
223 
224  /* print the access rights */
225  MapGenericMask(&AccessMask,
226  &FileGenericMapping);
227  if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
228  {
229  if (AccessMask == FILE_ALL_ACCESS)
230  {
231  ConResPuts(StdOut, IDS_ABBR_NONE);
232  }
233  else
234  {
235  ConResPuts(StdOut, IDS_DENY);
236  goto PrintSpecialAccess;
237  }
238  }
239  else
240  {
241  if (AccessMask == FILE_ALL_ACCESS)
242  {
243  ConResPuts(StdOut, IDS_ABBR_FULL);
244  }
245  else if (!(Ace->Mask & (GENERIC_READ | GENERIC_EXECUTE)) &&
246  AccessMask == (FILE_GENERIC_READ | FILE_EXECUTE))
247  {
248  ConResPuts(StdOut, IDS_ABBR_READ);
249  }
250  else if (AccessMask == (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_EXECUTE | DELETE))
251  {
252  ConResPuts(StdOut, IDS_ABBR_CHANGE);
253  }
254  else if (AccessMask == FILE_GENERIC_WRITE)
255  {
256  ConResPuts(StdOut, IDS_ABBR_WRITE);
257  }
258  else
259  {
260  DWORD x, x2;
261  static const struct
262  {
263  DWORD Access;
264  UINT uID;
265  }
266  AccessRights[] =
267  {
268  {FILE_WRITE_ATTRIBUTES, IDS_FILE_WRITE_ATTRIBUTES},
269  {FILE_READ_ATTRIBUTES, IDS_FILE_READ_ATTRIBUTES},
270  {FILE_DELETE_CHILD, IDS_FILE_DELETE_CHILD},
271  {FILE_EXECUTE, IDS_FILE_EXECUTE},
272  {FILE_WRITE_EA, IDS_FILE_WRITE_EA},
273  {FILE_READ_EA, IDS_FILE_READ_EA},
274  {FILE_APPEND_DATA, IDS_FILE_APPEND_DATA},
275  {FILE_WRITE_DATA, IDS_FILE_WRITE_DATA},
276  {FILE_READ_DATA, IDS_FILE_READ_DATA},
277  {FILE_GENERIC_EXECUTE, IDS_FILE_GENERIC_EXECUTE},
278  {FILE_GENERIC_WRITE, IDS_FILE_GENERIC_WRITE},
279  {FILE_GENERIC_READ, IDS_FILE_GENERIC_READ},
280  {GENERIC_ALL, IDS_GENERIC_ALL},
281  {GENERIC_EXECUTE, IDS_GENERIC_EXECUTE},
282  {GENERIC_WRITE, IDS_GENERIC_WRITE},
283  {GENERIC_READ, IDS_GENERIC_READ},
284  {MAXIMUM_ALLOWED, IDS_MAXIMUM_ALLOWED},
285  {ACCESS_SYSTEM_SECURITY, IDS_ACCESS_SYSTEM_SECURITY},
286  {SPECIFIC_RIGHTS_ALL, IDS_SPECIFIC_RIGHTS_ALL},
287  {STANDARD_RIGHTS_REQUIRED, IDS_STANDARD_RIGHTS_REQUIRED},
288  {SYNCHRONIZE, IDS_SYNCHRONIZE},
289  {WRITE_OWNER, IDS_WRITE_OWNER},
290  {WRITE_DAC, IDS_WRITE_DAC},
291  {READ_CONTROL, IDS_READ_CONTROL},
292  {DELETE, IDS_DELETE},
293  {STANDARD_RIGHTS_ALL, IDS_STANDARD_RIGHTS_ALL},
294  };
295 
296  ConResPuts(StdOut, IDS_ALLOW);
297 
298 PrintSpecialAccess:
299  ConResPuts(StdOut, IDS_SPECIAL_ACCESS);
300 
301  /* print the special access rights */
302  x = ARRAYSIZE(AccessRights);
303  while (x-- != 0)
304  {
305  if ((Ace->Mask & AccessRights[x].Access) == AccessRights[x].Access)
306  {
307  ConPrintf(StdOut, L"\n%s ", FullFileName);
308  for (x2 = 0; x2 < IndentAccess; x2++)
309  {
310  ConPuts(StdOut, L" ");
311  }
312 
313  ConResPuts(StdOut, AccessRights[x].uID);
314  }
315  }
316 
317  ConPuts(StdOut, L"\n");
318  }
319  }
320 
321  ConPuts(StdOut, L"\n");
322 
323  /* free up all resources */
324  if (Name != NULL)
325  {
326  HeapFree(GetProcessHeap(),
327  0,
328  Name);
329  }
330 
331  if (SidString != NULL)
332  {
333  LocalFree((HLOCAL)SidString);
334  }
335 
336  AceIndex++;
337  }
338 
339  if (!Error)
340  Ret = TRUE;
341  }
342  else
343  {
344  SetLastError(ERROR_NO_SECURITY_ON_OBJECT);
345  }
346  }
347  }
348 
349  HeapFree(GetProcessHeap(),
350  0,
351  SecurityDescriptor);
352  }
353  else
354  {
355  SetLastError(ERROR_NOT_ENOUGH_MEMORY);
356  }
357 
358  return Ret;
359 }
360 
361 /* add a backslash at end to a path string if necessary */
362 static VOID
363 AddBackslash(LPTSTR FilePath)
364 {
365  INT len = lstrlen(FilePath);
366  LPTSTR pch = CharPrev(FilePath, FilePath + len);
367  if (*pch != _T('\\'))
368  lstrcat(pch, _T("\\"));
369 }
370 
371 static BOOL
372 GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
373 {
374  TCHAR FullPath[MAX_PATH];
375  LPTSTR pch;
376  DWORD attrs;
377 
378  lstrcpyn(FilePath, pszFiles, MAX_PATH);
379  pch = _tcsrchr(FilePath, _T('\\'));
380  if (pch != NULL)
381  {
382  *pch = 0;
383  if (!GetFullPathName(FilePath, MAX_PATH, FullPath, NULL))
384  {
385  PrintError(GetLastError());
386  return FALSE;
387  }
388  lstrcpyn(FilePath, FullPath, MAX_PATH);
389 
390  attrs = GetFileAttributes(FilePath);
391  if (attrs == 0xFFFFFFFF || !(attrs & FILE_ATTRIBUTE_DIRECTORY))
392  {
393  PrintError(ERROR_DIRECTORY);
394  return FALSE;
395  }
396  }
397  else
398  GetCurrentDirectory(MAX_PATH, FilePath);
399 
400  AddBackslash(FilePath);
401  return TRUE;
402 }
403 
404 static BOOL
405 PrintDaclsOfFiles(LPCTSTR pszFiles)
406 {
407  TCHAR FilePath[MAX_PATH];
408  WIN32_FIND_DATA FindData;
409  HANDLE hFind;
410  DWORD LastError;
411 
412  /*
413  * get the file path
414  */
415  if (!GetPathOfFile(FilePath, pszFiles))
416  return FALSE;
417 
418  /*
419  * search for the files
420  */
421  hFind = FindFirstFile(pszFiles, &FindData);
422  if (hFind == INVALID_HANDLE_VALUE)
423  return FALSE;
424 
425  do
426  {
427  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
428  continue;
429 
430  if (!PrintFileDacl(FilePath, FindData.cFileName))
431  {
432  LastError = GetLastError();
433  if (LastError == ERROR_ACCESS_DENIED)
434  {
435  PrintError(LastError);
436  if (!OptionC)
437  {
438  FindClose(hFind);
439  return FALSE;
440  }
441  }
442  else
443  {
444  break;
445  }
446  }
447  else
448  {
449  ConPuts(StdOut, L"\n");
450  }
451  } while(FindNextFile(hFind, &FindData));
452  LastError = GetLastError();
453  FindClose(hFind);
454 
455  if (LastError != ERROR_NO_MORE_FILES)
456  {
457  PrintError(LastError);
458  return FALSE;
459  }
460 
461  return TRUE;
462 }
463 
464 static BOOL
465 GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
466 {
467  /* TODO & FIXME */
468  switch(Perm)
469  {
470  case _T('R'): // Read
471  break;
472  case _T('W'): // Write
473  break;
474  case _T('C'): // Change (write)
475  break;
476  case _T('F'): // Full control
477  break;
478  default:
479  break;
480  }
481  return FALSE;
482 }
483 
484 static BOOL
485 ReplaceUserAccessRights(
486  LPCTSTR FilePath,
487  LPCTSTR File,
488  LPCTSTR User,
489  TCHAR Perm)
490 {
491  /* TODO & FIXME */
492  switch(Perm)
493  {
494  case _T('N'): // None
495  break;
496  case _T('R'): // Read
497  break;
498  case _T('W'): // Write
499  break;
500  case _T('C'): // Change (write)
501  break;
502  case _T('F'): // Full control
503  break;
504  default:
505  break;
506  }
507  return FALSE;
508 }
509 
510 static BOOL
511 EditUserAccessRights(
512  LPCTSTR FilePath,
513  LPCTSTR File,
514  LPCTSTR User,
515  TCHAR Perm)
516 {
517  /* TODO & FIXME */
518  switch(Perm)
519  {
520  case _T('N'): // None
521  break;
522  case _T('R'): // Read
523  break;
524  case _T('W'): // Write
525  break;
526  case _T('C'): // Change (write)
527  break;
528  case _T('F'): // Full control
529  break;
530  default:
531  break;
532  }
533  return FALSE;
534 }
535 
536 static BOOL
537 DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
538 {
539  /* TODO & FIXME */
540  return FALSE;
541 }
542 
543 static BOOL
544 RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
545 {
546  /* TODO & FIXME */
547  return FALSE;
548 }
549 
550 static BOOL
551 ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
552 {
553  if (OptionG)
554  {
555  /* Grant specified user access rights. */
556  GrantUserAccessRights(FilePath, File, GUser, *GPerm);
557  }
558 
559  if (OptionP)
560  {
561  if (!OptionE)
562  {
563  /* Replace specified user's access rights. */
564  ReplaceUserAccessRights(FilePath, File, PUser, *PPerm);
565  }
566  else
567  {
568  /* Edit ACL instead of replacing it. */
569  EditUserAccessRights(FilePath, File, PUser, *PPerm);
570  }
571  }
572 
573  if (OptionD)
574  {
575  /* Deny specified user access. */
576  DenyUserAccess(FilePath, File, DUser);
577  }
578 
579  if (OptionR)
580  {
581  /* Revoke specified user's access rights. */
582  RevokeUserAccessRights(FilePath, File, RUser);
583  }
584 
585  return TRUE;
586 }
587 
588 static BOOL
589 ChangeACLsOfFiles(LPCTSTR pszFiles)
590 {
591  TCHAR FilePath[MAX_PATH];
592  HANDLE hFind;
593  WIN32_FIND_DATA FindData;
594  DWORD LastError;
595 
596  /*
597  * get the file path
598  */
599  if (!GetPathOfFile(FilePath, pszFiles))
600  return FALSE;
601 
602  /*
603  * search for files in current directory
604  */
605  hFind = FindFirstFile(pszFiles, &FindData);
606  if (hFind == INVALID_HANDLE_VALUE)
607  return FALSE;
608 
609  do
610  {
611  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
612  continue;
613 
614  if (!ChangeFileACL(FilePath, FindData.cFileName))
615  {
616  LastError = GetLastError();
617  if (LastError == ERROR_ACCESS_DENIED)
618  {
619  PrintError(LastError);
620  if (!OptionC)
621  {
622  FindClose(hFind);
623  return FALSE;
624  }
625  }
626  else
627  break;
628  }
629  } while(FindNextFile(hFind, &FindData));
630 
631  LastError = GetLastError();
632  FindClose(hFind);
633 
634  if (LastError != ERROR_NO_MORE_FILES)
635  {
636  PrintError(LastError);
637  return FALSE;
638  }
639 
640  return TRUE;
641 }
642 
643 static BOOL
644 ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
645 {
646  HANDLE hFind;
647  WIN32_FIND_DATA FindData;
648  TCHAR szCurDir[MAX_PATH];
649  DWORD LastError;
650 
651  /*
652  * get the file path (current directory)
653  */
654  GetCurrentDirectory(MAX_PATH, szCurDir);
655  AddBackslash(szCurDir);
656 
657  /*
658  * search for files in current directory
659  */
660  hFind = FindFirstFile(pszFiles, &FindData);
661  if (hFind == INVALID_HANDLE_VALUE)
662  return FALSE;
663 
664  do
665  {
666  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
667  continue;
668 
669  if (!ChangeFileACL(szCurDir, FindData.cFileName))
670  {
671  LastError = GetLastError();
672  if (LastError == ERROR_ACCESS_DENIED)
673  {
674  PrintError(LastError);
675  if (!OptionC)
676  {
677  FindClose(hFind);
678  return FALSE;
679  }
680  }
681  else
682  break;
683  }
684  } while(FindNextFile(hFind, &FindData));
685 
686  LastError = GetLastError();
687  FindClose(hFind);
688 
689  if (LastError != ERROR_NO_MORE_FILES)
690  {
691  PrintError(LastError);
692  return FALSE;
693  }
694 
695  /*
696  * search for subdirectory in current directory
697  */
698  hFind = FindFirstFile(_T("*"), &FindData);
699  if (hFind == INVALID_HANDLE_VALUE)
700  return FALSE;
701  do
702  {
703  if (_tcscmp(FindData.cFileName, _T(".")) == 0 ||
704  _tcscmp(FindData.cFileName, _T("..")) == 0)
705  continue;
706 
707  if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
708  {
709  GetCurrentDirectory(MAX_PATH, szCurDir);
710  if (SetCurrentDirectory(FindData.cFileName))
711  {
712  ChangeACLsOfFilesInCurDir(pszFiles);
713  SetCurrentDirectory(szCurDir);
714  }
715  else
716  {
717  LastError = GetLastError();
718  if (LastError == ERROR_ACCESS_DENIED)
719  {
720  PrintError(LastError);
721  if (!OptionC)
722  {
723  FindClose(hFind);
724  return FALSE;
725  }
726  }
727  else
728  break;
729  }
730  }
731  } while(FindNextFile(hFind, &FindData));
732  LastError = GetLastError();
733  FindClose(hFind);
734 
735  if (LastError != ERROR_NO_MORE_FILES)
736  {
737  PrintError(LastError);
738  return FALSE;
739  }
740  return TRUE;
741 }
742 
743 int _tmain(int argc, const TCHAR *argv[])
744 {
745  INT i;
746  LPTSTR pch;
747  BOOL InvalidParameter = FALSE;
748 
749  /* Initialize the Console Standard Streams */
750  ConInitStdStreams();
751 
752  if (argc <= 1)
753  {
754  ConResPuts(StdOut, IDS_HELP);
755  return 0;
756  }
757 
758  // FIXME: Convert to proper parsing, with support for /?
759 
760  /*
761  * parse command line options
762  */
763  for (i = 2; i < argc; i++)
764  {
765  if (lstrcmpi(argv[i], _T("/T")) == 0)
766  {
767  OptionT = TRUE;
768  }
769  else if (lstrcmpi(argv[i], _T("/E")) == 0)
770  {
771  OptionE = TRUE;
772  }
773  else if (lstrcmpi(argv[i], _T("/C")) == 0)
774  {
775  OptionC = TRUE;
776  }
777  else if (lstrcmpi(argv[i], _T("/G")) == 0)
778  {
779  if (i + 1 < argc)
780  {
781  pch = _tcschr(argv[++i], _T(':'));
782  if (pch != NULL)
783  {
784  OptionG = TRUE;
785  *pch = 0;
786  GUser = argv[i];
787  GPerm = pch + 1;
788  continue;
789  }
790  }
791  InvalidParameter = TRUE;
792  break;
793  }
794  else if (lstrcmpi(argv[i], _T("/R")) == 0)
795  {
796  if (i + 1 < argc)
797  {
798  RUser = argv[++i];
799  OptionR = TRUE;
800  continue;
801  }
802  InvalidParameter = TRUE;
803  break;
804  }
805  else if (lstrcmpi(argv[i], _T("/P")) == 0)
806  {
807  if (i + 1 < argc)
808  {
809  pch = _tcschr(argv[++i], _T(':'));
810  if (pch != NULL)
811  {
812  OptionP = TRUE;
813  *pch = 0;
814  PUser = argv[i];
815  PPerm = pch + 1;
816  continue;
817  }
818  }
819  InvalidParameter = TRUE;
820  break;
821  }
822  else if (lstrcmpi(argv[i], _T("/D")) == 0)
823  {
824  if (i + 1 < argc)
825  {
826  OptionD = TRUE;
827  DUser = argv[++i];
828  continue;
829  }
830  InvalidParameter = TRUE;
831  break;
832  }
833  else
834  {
835  InvalidParameter = TRUE;
836  break;
837  }
838  }
839 
840  if (InvalidParameter)
841  {
842  PrintError(ERROR_INVALID_PARAMETER);
843  ConResPuts(StdOut, IDS_HELP);
844  return 1;
845  }
846 
847  /* /R is only valid with /E */
848  if (OptionR && !OptionE)
849  {
850  OptionR = FALSE;
851  }
852 
853  PrintDaclsOfFiles(argv[1]);
854 
855  if (OptionT)
856  {
857  ChangeACLsOfFilesInCurDir(argv[1]);
858  }
859  else
860  {
861  ChangeACLsOfFiles(argv[1]);
862  }
863 
864  return 0;
865 }
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:91
FILE_GENERIC_READ
#define FILE_GENERIC_READ
Definition: nt_native.h:653
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
MapGenericMask
VOID WINAPI MapGenericMask(PDWORD, PGENERIC_MAPPING)
PSECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: security.c:97
argc
static int argc
Definition: ServiceArgs.c:12
FILE_WRITE_EA
#define FILE_WRITE_EA
Definition: nt_native.h:640
IN
#define IN
Definition: typedefs.h:39
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
TRUE
#define TRUE
Definition: types.h:120
LPCTSTR
const CHAR * LPCTSTR
Definition: xmlstorage.h:193
IDS_FILE_WRITE_EA
#define IDS_FILE_WRITE_EA
Definition: resource.h:27
IDS_FILE_GENERIC_WRITE
#define IDS_FILE_GENERIC_WRITE
Definition: resource.h:22
lstrcmpi
#define lstrcmpi
Definition: winbase.h:3713
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
DaclDefaulted
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1594
_SID
Definition: ms-dtyp.idl:198
FILE_ALL_ACCESS
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
GrantUserAccessRights
static BOOL GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:465
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
IDS_WRITE_OWNER
#define IDS_WRITE_OWNER
Definition: resource.h:37
_tcscmp
int _tcscmp(const _TCHAR *s1, const _TCHAR *s2)
Definition: tcscmp.h:8
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:182
_ACL
Definition: ms-dtyp.idl:293
IDS_GENERIC_READ
#define IDS_GENERIC_READ
Definition: resource.h:16
ERROR_NONE_MAPPED
#define ERROR_NONE_MAPPED
Definition: winerror.h:814
IDS_GENERIC_ALL
#define IDS_GENERIC_ALL
Definition: resource.h:19
IDS_ABBR_IO
#define IDS_ABBR_IO
Definition: resource.h:6
PrintError
static VOID PrintError(DWORD dwError)
Definition: cacls.c:37
IDS_ABBR_NONE
#define IDS_ABBR_NONE
Definition: resource.h:11
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
CharPrev
#define CharPrev
Definition: winuser.h:5716
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:400
_tcscpy
_TCHAR * _tcscpy(_TCHAR *to, const _TCHAR *from)
Definition: tcscpy.h:8
GetLastError
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
PrintDaclsOfFiles
static BOOL PrintDaclsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:405
x
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
PPerm
LPCTSTR PPerm
Definition: cacls.c:25
IDS_WRITE_DAC
#define IDS_WRITE_DAC
Definition: resource.h:38
ChangeACLsOfFilesInCurDir
static BOOL ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
Definition: cacls.c:644
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
RUser
LPCTSTR RUser
Definition: cacls.c:25
IDS_FILE_READ_EA
#define IDS_FILE_READ_EA
Definition: resource.h:26
argv
#define argv
Definition: mplay32.c:18
FILE_APPEND_DATA
#define FILE_APPEND_DATA
Definition: nt_native.h:634
ERROR_DIRECTORY
#define ERROR_DIRECTORY
Definition: winerror.h:295
OptionE
BOOL OptionE
Definition: cacls.c:23
DWORD
#define DWORD
Definition: nt_native.h:44
INT
int32_t INT
Definition: typedefs.h:57
_tmain
int _tmain(int argc, const TCHAR *argv[])
Definition: cacls.c:743
IDS_FILE_WRITE_ATTRIBUTES
#define IDS_FILE_WRITE_ATTRIBUTES
Definition: resource.h:31
FILE_WRITE_ATTRIBUTES
#define FILE_WRITE_ATTRIBUTES
Definition: nt_native.h:649
LPTSTR
CHAR * LPTSTR
Definition: xmlstorage.h:192
pch
#define pch(ap)
Definition: match.c:418
DaclPresent
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1594
PrintFileDacl
static BOOL PrintFileDacl(IN LPTSTR FilePath, IN LPTSTR FileName)
Definition: cacls.c:47
FilePath
PCWSTR FilePath
Definition: PrivateExtractIcons.c:12
LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3707
IDS_FILE_READ_DATA
#define IDS_FILE_READ_DATA
Definition: resource.h:23
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
FILE_DELETE_CHILD
#define FILE_DELETE_CHILD
Definition: nt_native.h:645
ConInitStdStreams
#define ConInitStdStreams()
Definition: stream.h:122
ERROR_ACCESS_DENIED
#define ERROR_ACCESS_DENIED
Definition: compat.h:87
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
FILE_READ_DATA
#define FILE_READ_DATA
Definition: nt_native.h:628
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
IDS_ABBR_OI
#define IDS_ABBR_OI
Definition: resource.h:5
GetCurrentDirectory
#define GetCurrentDirectory
Definition: winbase.h:3645
ConPrintf
INT __cdecl ConPrintf(IN PCON_STREAM Stream, IN LPWSTR szStr,...)
Definition: outstream.c:520
Name
struct NameRec_ * Name
Definition: cdprocs.h:464
Ace
Definition: card.h:12
_tcslen
size_t __cdecl _tcslen(const _TCHAR *str)
Definition: tcslen.h:9
NULL
smooth NULL
Definition: ftsmooth.c:416
NameRec_
Definition: apinames.c:48
RevokeUserAccessRights
static BOOL RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:544
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1103
OptionC
BOOL OptionC
Definition: cacls.c:23
_FileName
Definition: filecomp.c:347
IDS_FILE_WRITE_DATA
#define IDS_FILE_WRITE_DATA
Definition: resource.h:24
FindFirstFile
#define FindFirstFile
Definition: winbase.h:3622
IDS_ALLOW
#define IDS_ALLOW
Definition: resource.h:12
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
FORMAT_MESSAGE_FROM_SYSTEM
#define FORMAT_MESSAGE_FROM_SYSTEM
Definition: winbase.h:404
_tcschr
_TCHAR * _tcschr(const _TCHAR *s, _XINT c)
Definition: tcschr.h:4
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:121
FILE_WRITE_DATA
#define FILE_WRITE_DATA
Definition: nt_native.h:631
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
FILE_GENERIC_EXECUTE
#define FILE_GENERIC_EXECUTE
Definition: nt_native.h:668
OptionG
BOOL OptionG
Definition: cacls.c:24
IDS_FILE_DELETE_CHILD
#define IDS_FILE_DELETE_CHILD
Definition: resource.h:29
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:715
TCHAR
char TCHAR
Definition: xmlstorage.h:189
_T
#define _T(x)
Definition: vfdio.h:22
ReplaceUserAccessRights
static BOOL ReplaceUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:485
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:404
GPerm
LPCTSTR GPerm
Definition: cacls.c:25
HeapAlloc
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
if
if(!(yy_init))
Definition: macro.lex.yy.c:714
_GENERIC_MAPPING
Definition: nt_native.h:564
FindNextFile
#define FindNextFile
Definition: winbase.h:3628
ConvertSidToStringSid
#define ConvertSidToStringSid
Definition: sddl.h:160
DenyUserAccess
static BOOL DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:537
EditUserAccessRights
static BOOL EditUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:511
MAX_PATH
#define MAX_PATH
Definition: compat.h:26
OptionP
BOOL OptionP
Definition: cacls.c:24
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
IDS_ABBR_FULL
#define IDS_ABBR_FULL
Definition: resource.h:7
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
SPECIFIC_RIGHTS_ALL
#define SPECIFIC_RIGHTS_ALL
Definition: nt_native.h:71
OptionR
BOOL OptionR
Definition: cacls.c:24
Error
BOOL Error
Definition: chkdsk.c:66
SetLastError
#define SetLastError(x)
Definition: compat.h:418
IDS_STANDARD_RIGHTS_REQUIRED
#define IDS_STANDARD_RIGHTS_REQUIRED
Definition: resource.h:35
ConMsgPuts
INT ConMsgPuts(IN PCON_STREAM Stream, IN DWORD dwFlags, IN LPCVOID lpSource OPTIONAL, IN DWORD dwMessageId, IN DWORD dwLanguageId)
Definition: outstream.c:837
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:101
StdErr
#define StdErr
Definition: stream.h:77
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:686
PSID
struct _SID * PSID
Definition: eventlog.c:35
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
FILE_READ_ATTRIBUTES
#define FILE_READ_ATTRIBUTES
Definition: nt_native.h:647
IDS_ACCESS_SYSTEM_SECURITY
#define IDS_ACCESS_SYSTEM_SECURITY
Definition: resource.h:33
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1552
ConResPuts
INT ConResPuts(IN PCON_STREAM Stream, IN UINT uID)
Definition: outstream.c:610
L
static const WCHAR L[]
Definition: oid.c:1250
WIN32_FIND_DATAA
Definition: shtypes.idl:80
FILE_EXECUTE
#define FILE_EXECUTE
Definition: nt_native.h:642
len
GLenum GLsizei len
Definition: glext.h:6722
GetFullPathName
#define GetFullPathName
Definition: winbase.h:3661
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:124
GetFileSecurity
#define GetFileSecurity
Definition: winbase.h:3657
SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1864
GUser
LPCTSTR GUser
Definition: cacls.c:25
DisplayString
VOID DisplayString(LPWSTR Msg)
Definition: misc.c:211
IDS_READ_CONTROL
#define IDS_READ_CONTROL
Definition: resource.h:39
GetFileAttributes
#define GetFileAttributes
Definition: winbase.h:3655
IDS_SPECIFIC_RIGHTS_ALL
#define IDS_SPECIFIC_RIGHTS_ALL
Definition: resource.h:34
IDS_FILE_GENERIC_READ
#define IDS_FILE_GENERIC_READ
Definition: resource.h:21
IDS_SPECIAL_ACCESS
#define IDS_SPECIAL_ACCESS
Definition: resource.h:14
OptionD
BOOL OptionD
Definition: cacls.c:24
FILE_GENERIC_WRITE
#define FILE_GENERIC_WRITE
Definition: nt_native.h:660
IDS_SYNCHRONIZE
#define IDS_SYNCHRONIZE
Definition: resource.h:36
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:79
lstrlen
#define lstrlen
Definition: winbase.h:3716
STANDARD_RIGHTS_ALL
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1065
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1577
IDS_ABBR_CI
#define IDS_ABBR_CI
Definition: resource.h:4
IDS_STANDARD_RIGHTS_ALL
#define IDS_STANDARD_RIGHTS_ALL
Definition: resource.h:41
IDS_FILE_APPEND_DATA
#define IDS_FILE_APPEND_DATA
Definition: resource.h:25
OptionT
BOOL OptionT
Definition: cacls.c:23
FILE_READ_EA
#define FILE_READ_EA
Definition: nt_native.h:638
IDS_HELP
#define IDS_HELP
Definition: resource.h:3
UINT
unsigned int UINT
Definition: ndis.h:50
AddBackslash
static VOID AddBackslash(LPTSTR FilePath)
Definition: cacls.c:363
ConPuts
INT ConPuts(IN PCON_STREAM Stream, IN LPWSTR szStr)
Definition: outstream.c:427
DUser
LPCTSTR DUser
Definition: cacls.c:25
x2
_In_ CLIPOBJ _In_ BRUSHOBJ _In_ LONG _In_ LONG _In_ LONG x2
Definition: winddi.h:3706
IDS_ABBR_CHANGE
#define IDS_ABBR_CHANGE
Definition: resource.h:10
ERROR_NO_SECURITY_ON_OBJECT
#define ERROR_NO_SECURITY_ON_OBJECT
Definition: winerror.h:831
FileGenericMapping
static GENERIC_MAPPING FileGenericMapping
Definition: cacls.c:27
ChangeACLsOfFiles
static BOOL ChangeACLsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:589
IDS_GENERIC_EXECUTE
#define IDS_GENERIC_EXECUTE
Definition: resource.h:18
_tcsrchr
_TCHAR * _tcsrchr(const _TCHAR *s, _XINT c)
Definition: tcsrchr.h:4
_tcscat
_TCHAR * _tcscat(_TCHAR *s, const _TCHAR *append)
Definition: tcscat.h:8
StdOut
#define StdOut
Definition: stream.h:76
IDS_FILE_EXECUTE
#define IDS_FILE_EXECUTE
Definition: resource.h:28
STANDARD_RIGHTS_REQUIRED
#define STANDARD_RIGHTS_REQUIRED
Definition: nt_native.h:63
IDS_ABBR_READ
#define IDS_ABBR_READ
Definition: resource.h:8
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:717
IDS_DELETE
#define IDS_DELETE
Definition: resource.h:40
File
Definition: File.h:15
IDS_FILE_READ_ATTRIBUTES
#define IDS_FILE_READ_ATTRIBUTES
Definition: resource.h:30
IDS_MAXIMUM_ALLOWED
#define IDS_MAXIMUM_ALLOWED
Definition: resource.h:32
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
IDS_GENERIC_WRITE
#define IDS_GENERIC_WRITE
Definition: resource.h:17
lstrcat
#define lstrcat
Definition: winbase.h:3711
IDS_DENY
#define IDS_DENY
Definition: resource.h:13
PUser
LPCTSTR PUser
Definition: cacls.c:25
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:403
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:714
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
GetPathOfFile
static BOOL GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
Definition: cacls.c:372
ChangeFileACL
static BOOL ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
Definition: cacls.c:551
SetCurrentDirectory
#define SetCurrentDirectory
Definition: winbase.h:3743
LANG_USER_DEFAULT
#define LANG_USER_DEFAULT
Definition: tnerror.cpp:50
IDS_ABBR_WRITE
#define IDS_ABBR_WRITE
Definition: resource.h:9
DELETE
#define DELETE
Definition: nt_native.h:57
IDS_FILE_GENERIC_EXECUTE
#define IDS_FILE_GENERIC_EXECUTE
Definition: resource.h:20
lstrcpyn
#define lstrcpyn
Definition: winbase.h:3715
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
FindClose
BOOL WINAPI FindClose(HANDLE hFindFile)
Definition: find.c:502