ReactOS 0.4.16-dev-2613-g9533ad7
cacls.c
Go to the documentation of this file.
1/*
2 * ReactOS Control ACLs Program
3 * Copyright (C) 2006 Thomas Weidenmueller
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 */
19
20#include "precomp.h"
21
22/* command line options */
23BOOL OptionT = FALSE, OptionE = FALSE, OptionC = FALSE;
24BOOL OptionG = FALSE, OptionR = FALSE, OptionP = FALSE, OptionD = FALSE;
25LPCTSTR GUser, GPerm, RUser, PUser, PPerm, DUser;
26
27static GENERIC_MAPPING FileGenericMapping =
28{
29 FILE_GENERIC_READ,
30 FILE_GENERIC_WRITE,
31 FILE_GENERIC_EXECUTE,
32 FILE_ALL_ACCESS
33};
34
35
36static VOID
37PrintError(DWORD dwError)
38{
39 if (dwError == ERROR_SUCCESS)
40 return;
41
42 ConMsgPuts(StdErr, FORMAT_MESSAGE_FROM_SYSTEM,
43 NULL, dwError, LANG_USER_DEFAULT);
44}
45
46static BOOL
47PrintFileDacl(IN LPTSTR FilePath,
48 IN LPTSTR FileName)
49{
50 SIZE_T Length;
51 PSECURITY_DESCRIPTOR SecurityDescriptor;
52 DWORD SDSize = 0;
53 TCHAR FullFileName[MAX_PATH + 1];
54 BOOL Error = FALSE, Ret = FALSE;
55
56 Length = _tcslen(FilePath) + _tcslen(FileName);
57 if (Length > MAX_PATH)
58 {
59 /* file name too long */
60 SetLastError(ERROR_FILE_NOT_FOUND);
61 return FALSE;
62 }
63
64 _tcscpy(FullFileName, FilePath);
65 _tcscat(FullFileName, FileName);
66
67 /* find out how much memory we need */
68 if (!GetFileSecurity(FullFileName,
69 DACL_SECURITY_INFORMATION,
70 NULL,
71 0,
72 &SDSize) &&
73 GetLastError() != ERROR_INSUFFICIENT_BUFFER)
74 {
75 return FALSE;
76 }
77
78 SecurityDescriptor = (PSECURITY_DESCRIPTOR)HeapAlloc(GetProcessHeap(),
79 0,
80 SDSize);
81 if (SecurityDescriptor != NULL)
82 {
83 if (GetFileSecurity(FullFileName,
84 DACL_SECURITY_INFORMATION,
85 SecurityDescriptor,
86 SDSize,
87 &SDSize))
88 {
89 PACL Dacl;
90 BOOL DaclPresent;
91 BOOL DaclDefaulted;
92
93 if (GetSecurityDescriptorDacl(SecurityDescriptor,
94 &DaclPresent,
95 &Dacl,
96 &DaclDefaulted))
97 {
98 if (DaclPresent)
99 {
100 PACCESS_ALLOWED_ACE Ace;
101 DWORD AceIndex = 0;
102
103 /* dump the ACL */
104 while (GetAce(Dacl,
105 AceIndex,
106 (PVOID*)&Ace))
107 {
108 SID_NAME_USE Use;
109 DWORD NameSize = 0;
110 DWORD DomainSize = 0;
111 LPTSTR Name = NULL;
112 LPTSTR Domain = NULL;
113 LPTSTR SidString = NULL;
114 size_t IndentAccess;
115 DWORD AccessMask = Ace->Mask;
116 PSID Sid = (PSID)&Ace->SidStart;
117
118 /* attempt to translate the SID into a readable string */
119 if (!LookupAccountSid(NULL,
120 Sid,
121 Name,
122 &NameSize,
123 Domain,
124 &DomainSize,
125 &Use))
126 {
127 if (GetLastError() == ERROR_NONE_MAPPED || NameSize == 0)
128 {
129 goto BuildSidString;
130 }
131 else
132 {
133 if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
134 {
135 Error = TRUE;
136 break;
137 }
138
139 Name = (LPTSTR)HeapAlloc(GetProcessHeap(),
140 0,
141 (NameSize + DomainSize) * sizeof(TCHAR));
142 if (Name == NULL)
143 {
144 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
145 Error = TRUE;
146 break;
147 }
148
149 Domain = Name + NameSize;
150 Name[0] = _T('\0');
151 if (DomainSize != 0)
152 Domain[0] = _T('\0');
153 if (!LookupAccountSid(NULL,
154 Sid,
155 Name,
156 &NameSize,
157 Domain,
158 &DomainSize,
159 &Use))
160 {
161 HeapFree(GetProcessHeap(),
162 0,
163 Name);
164 Name = NULL;
165 goto BuildSidString;
166 }
167 }
168 }
169 else
170 {
171BuildSidString:
172 if (!ConvertSidToStringSid(Sid,
173 &SidString))
174 {
175 Error = TRUE;
176 break;
177 }
178 }
179
180 /* print the file name or space */
181 ConPrintf(StdOut, L"%s ", FullFileName);
182
183 /* attempt to map the SID to a user name */
184 if (AceIndex == 0)
185 {
186 size_t i = 0;
187
188 /* overwrite the full file name with spaces so we
189 only print the file name once */
190 while (FullFileName[i] != _T('\0'))
191 FullFileName[i++] = _T(' ');
192 }
193
194 /* print the domain and/or user if possible, or the SID string */
195 if (Name != NULL && Domain[0] != _T('\0'))
196 {
197 ConPrintf(StdOut, L"%s\\%s:", Domain, Name);
198 IndentAccess = _tcslen(Domain) + _tcslen(Name);
199 }
200 else
201 {
202 LPTSTR DisplayString = (Name != NULL ? Name : SidString);
203
204 ConPrintf(StdOut, L"%s:", DisplayString);
205 IndentAccess = _tcslen(DisplayString);
206 }
207
208 /* print the ACE Flags */
209 if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE)
210 {
211 IndentAccess += (size_t)ConResPuts(StdOut, IDS_ABBR_CI);
212 }
213 if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE)
214 {
215 IndentAccess += (size_t)ConResPuts(StdOut, IDS_ABBR_OI);
216 }
217 if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
218 {
219 IndentAccess += (size_t)ConResPuts(StdOut, IDS_ABBR_IO);
220 }
221
222 IndentAccess += 2;
223
224 /* print the access rights */
225 MapGenericMask(&AccessMask,
226 &FileGenericMapping);
227 if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
228 {
229 if (AccessMask == FILE_ALL_ACCESS)
230 {
231 ConResPuts(StdOut, IDS_ABBR_NONE);
232 }
233 else
234 {
235 ConResPuts(StdOut, IDS_DENY);
236 goto PrintSpecialAccess;
237 }
238 }
239 else
240 {
241 if (AccessMask == FILE_ALL_ACCESS)
242 {
243 ConResPuts(StdOut, IDS_ABBR_FULL);
244 }
245 else if (!(Ace->Mask & (GENERIC_READ | GENERIC_EXECUTE)) &&
246 AccessMask == (FILE_GENERIC_READ | FILE_EXECUTE))
247 {
248 ConResPuts(StdOut, IDS_ABBR_READ);
249 }
250 else if (AccessMask == (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_EXECUTE | DELETE))
251 {
252 ConResPuts(StdOut, IDS_ABBR_CHANGE);
253 }
254 else if (AccessMask == FILE_GENERIC_WRITE)
255 {
256 ConResPuts(StdOut, IDS_ABBR_WRITE);
257 }
258 else
259 {
260 DWORD x;
261 static const struct
262 {
263 DWORD Access;
264 UINT uID;
265 }
266 AccessRights[] =
267 {
268 {FILE_WRITE_ATTRIBUTES, IDS_FILE_WRITE_ATTRIBUTES},
269 {FILE_READ_ATTRIBUTES, IDS_FILE_READ_ATTRIBUTES},
270 {FILE_DELETE_CHILD, IDS_FILE_DELETE_CHILD},
271 {FILE_EXECUTE, IDS_FILE_EXECUTE},
272 {FILE_WRITE_EA, IDS_FILE_WRITE_EA},
273 {FILE_READ_EA, IDS_FILE_READ_EA},
274 {FILE_APPEND_DATA, IDS_FILE_APPEND_DATA},
275 {FILE_WRITE_DATA, IDS_FILE_WRITE_DATA},
276 {FILE_READ_DATA, IDS_FILE_READ_DATA},
277 {FILE_GENERIC_EXECUTE, IDS_FILE_GENERIC_EXECUTE},
278 {FILE_GENERIC_WRITE, IDS_FILE_GENERIC_WRITE},
279 {FILE_GENERIC_READ, IDS_FILE_GENERIC_READ},
280 {GENERIC_ALL, IDS_GENERIC_ALL},
281 {GENERIC_EXECUTE, IDS_GENERIC_EXECUTE},
282 {GENERIC_WRITE, IDS_GENERIC_WRITE},
283 {GENERIC_READ, IDS_GENERIC_READ},
284 {MAXIMUM_ALLOWED, IDS_MAXIMUM_ALLOWED},
285 {ACCESS_SYSTEM_SECURITY, IDS_ACCESS_SYSTEM_SECURITY},
286 {SPECIFIC_RIGHTS_ALL, IDS_SPECIFIC_RIGHTS_ALL},
287 {STANDARD_RIGHTS_REQUIRED, IDS_STANDARD_RIGHTS_REQUIRED},
288 {SYNCHRONIZE, IDS_SYNCHRONIZE},
289 {WRITE_OWNER, IDS_WRITE_OWNER},
290 {WRITE_DAC, IDS_WRITE_DAC},
291 {READ_CONTROL, IDS_READ_CONTROL},
292 {DELETE, IDS_DELETE},
293 {STANDARD_RIGHTS_ALL, IDS_STANDARD_RIGHTS_ALL},
294 };
295
296 ConResPuts(StdOut, IDS_ALLOW);
297
298PrintSpecialAccess:
299 ConResPuts(StdOut, IDS_SPECIAL_ACCESS);
300
301 /* print the special access rights */
302 x = ARRAYSIZE(AccessRights);
303 while (x-- != 0)
304 {
305 if ((Ace->Mask & AccessRights[x].Access) == AccessRights[x].Access)
306 {
307 ConPrintf(StdOut, L"\n%s ", FullFileName);
308 ConPrintf(StdOut, L"%*s", IndentAccess, L"");
309 ConResPuts(StdOut, AccessRights[x].uID);
310 }
311 }
312
313 ConPuts(StdOut, L"\n");
314 }
315 }
316
317 ConPuts(StdOut, L"\n");
318
319 /* free up all resources */
320 if (Name != NULL)
321 {
322 HeapFree(GetProcessHeap(),
323 0,
324 Name);
325 }
326
327 if (SidString != NULL)
328 {
329 LocalFree((HLOCAL)SidString);
330 }
331
332 AceIndex++;
333 }
334
335 if (!Error)
336 Ret = TRUE;
337 }
338 else
339 {
340 SetLastError(ERROR_NO_SECURITY_ON_OBJECT);
341 }
342 }
343 }
344
345 HeapFree(GetProcessHeap(),
346 0,
347 SecurityDescriptor);
348 }
349 else
350 {
351 SetLastError(ERROR_NOT_ENOUGH_MEMORY);
352 }
353
354 return Ret;
355}
356
357/* Add a backslash at the end of a path string if necessary */
358static VOID
359AddBackslash(LPTSTR FilePath)
360{
361 /* Find the last backslash. If there is none, or if it doesn't
362 * terminate the string, then append a backslash. */
363 LPTSTR pch = _tcsrchr(FilePath, _T('\\'));
364 if (!pch || *(pch+1))
365 _tcscat(FilePath, _T("\\"));
366}
367
368static BOOL
369GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
370{
371 TCHAR FullPath[MAX_PATH];
372 LPTSTR pch;
373 DWORD attrs;
374
375 _tcsncpy(FilePath, pszFiles, MAX_PATH);
376 pch = _tcsrchr(FilePath, _T('\\'));
377 if (pch != NULL)
378 {
379 *pch = 0;
380 if (!GetFullPathName(FilePath, MAX_PATH, FullPath, NULL))
381 {
382 PrintError(GetLastError());
383 return FALSE;
384 }
385 _tcsncpy(FilePath, FullPath, MAX_PATH);
386
387 attrs = GetFileAttributes(FilePath);
388 if (attrs == 0xFFFFFFFF || !(attrs & FILE_ATTRIBUTE_DIRECTORY))
389 {
390 PrintError(ERROR_DIRECTORY);
391 return FALSE;
392 }
393 }
394 else
395 GetCurrentDirectory(MAX_PATH, FilePath);
396
397 AddBackslash(FilePath);
398 return TRUE;
399}
400
401static BOOL
402PrintDaclsOfFiles(LPCTSTR pszFiles)
403{
404 TCHAR FilePath[MAX_PATH];
405 WIN32_FIND_DATA FindData;
406 HANDLE hFind;
407 DWORD LastError;
408
409 /*
410 * get the file path
411 */
412 if (!GetPathOfFile(FilePath, pszFiles))
413 return FALSE;
414
415 /*
416 * search for the files
417 */
418 hFind = FindFirstFile(pszFiles, &FindData);
419 if (hFind == INVALID_HANDLE_VALUE)
420 return FALSE;
421 do
422 {
423 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
424 continue;
425
426 if (!PrintFileDacl(FilePath, FindData.cFileName))
427 {
428 LastError = GetLastError();
429 if (LastError == ERROR_ACCESS_DENIED)
430 {
431 PrintError(LastError);
432 if (!OptionC)
433 {
434 FindClose(hFind);
435 return FALSE;
436 }
437 }
438 else
439 {
440 break;
441 }
442 }
443 else
444 {
445 ConPuts(StdOut, L"\n");
446 }
447 } while (FindNextFile(hFind, &FindData));
448 LastError = GetLastError();
449 FindClose(hFind);
450
451 if (LastError != ERROR_NO_MORE_FILES)
452 {
453 PrintError(LastError);
454 return FALSE;
455 }
456
457 return TRUE;
458}
459
460static BOOL
461GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
462{
463 /* TODO & FIXME */
464 switch(Perm)
465 {
466 case _T('R'): // Read
467 break;
468 case _T('W'): // Write
469 break;
470 case _T('C'): // Change (write)
471 break;
472 case _T('F'): // Full control
473 break;
474 default:
475 break;
476 }
477 return FALSE;
478}
479
480static BOOL
481ReplaceUserAccessRights(
482 LPCTSTR FilePath,
483 LPCTSTR File,
484 LPCTSTR User,
485 TCHAR Perm)
486{
487 /* TODO & FIXME */
488 switch(Perm)
489 {
490 case _T('N'): // None
491 break;
492 case _T('R'): // Read
493 break;
494 case _T('W'): // Write
495 break;
496 case _T('C'): // Change (write)
497 break;
498 case _T('F'): // Full control
499 break;
500 default:
501 break;
502 }
503 return FALSE;
504}
505
506static BOOL
507EditUserAccessRights(
508 LPCTSTR FilePath,
509 LPCTSTR File,
510 LPCTSTR User,
511 TCHAR Perm)
512{
513 /* TODO & FIXME */
514 switch(Perm)
515 {
516 case _T('N'): // None
517 break;
518 case _T('R'): // Read
519 break;
520 case _T('W'): // Write
521 break;
522 case _T('C'): // Change (write)
523 break;
524 case _T('F'): // Full control
525 break;
526 default:
527 break;
528 }
529 return FALSE;
530}
531
532static BOOL
533DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
534{
535 /* TODO & FIXME */
536 return FALSE;
537}
538
539static BOOL
540RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
541{
542 /* TODO & FIXME */
543 return FALSE;
544}
545
546static BOOL
547ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
548{
549 if (OptionG)
550 {
551 /* Grant specified user access rights. */
552 GrantUserAccessRights(FilePath, File, GUser, *GPerm);
553 }
554
555 if (OptionP)
556 {
557 if (!OptionE)
558 {
559 /* Replace specified user's access rights. */
560 ReplaceUserAccessRights(FilePath, File, PUser, *PPerm);
561 }
562 else
563 {
564 /* Edit ACL instead of replacing it. */
565 EditUserAccessRights(FilePath, File, PUser, *PPerm);
566 }
567 }
568
569 if (OptionD)
570 {
571 /* Deny specified user access. */
572 DenyUserAccess(FilePath, File, DUser);
573 }
574
575 if (OptionR)
576 {
577 /* Revoke specified user's access rights. */
578 RevokeUserAccessRights(FilePath, File, RUser);
579 }
580
581 return TRUE;
582}
583
584static BOOL
585ChangeACLsOfFiles(LPCTSTR pszFiles)
586{
587 TCHAR FilePath[MAX_PATH];
588 HANDLE hFind;
589 WIN32_FIND_DATA FindData;
590 DWORD LastError;
591
592 /*
593 * get the file path
594 */
595 if (!GetPathOfFile(FilePath, pszFiles))
596 return FALSE;
597
598 /*
599 * search for files in current directory
600 */
601 hFind = FindFirstFile(pszFiles, &FindData);
602 if (hFind == INVALID_HANDLE_VALUE)
603 return FALSE;
604 do
605 {
606 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
607 continue;
608
609 if (!ChangeFileACL(FilePath, FindData.cFileName))
610 {
611 LastError = GetLastError();
612 if (LastError == ERROR_ACCESS_DENIED)
613 {
614 PrintError(LastError);
615 if (!OptionC)
616 {
617 FindClose(hFind);
618 return FALSE;
619 }
620 }
621 else
622 break;
623 }
624 } while (FindNextFile(hFind, &FindData));
625 LastError = GetLastError();
626 FindClose(hFind);
627
628 if (LastError != ERROR_NO_MORE_FILES)
629 {
630 PrintError(LastError);
631 return FALSE;
632 }
633
634 return TRUE;
635}
636
637static BOOL
638ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
639{
640 HANDLE hFind;
641 WIN32_FIND_DATA FindData;
642 TCHAR szCurDir[MAX_PATH];
643 DWORD LastError;
644
645 /*
646 * get the file path (current directory)
647 */
648 GetCurrentDirectory(MAX_PATH, szCurDir);
649 AddBackslash(szCurDir);
650
651 /*
652 * search for files in current directory
653 */
654 hFind = FindFirstFile(pszFiles, &FindData);
655 if (hFind == INVALID_HANDLE_VALUE)
656 return FALSE;
657 do
658 {
659 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
660 continue;
661
662 if (!ChangeFileACL(szCurDir, FindData.cFileName))
663 {
664 LastError = GetLastError();
665 if (LastError == ERROR_ACCESS_DENIED)
666 {
667 PrintError(LastError);
668 if (!OptionC)
669 {
670 FindClose(hFind);
671 return FALSE;
672 }
673 }
674 else
675 break;
676 }
677 } while (FindNextFile(hFind, &FindData));
678 LastError = GetLastError();
679 FindClose(hFind);
680
681 if (LastError != ERROR_NO_MORE_FILES)
682 {
683 PrintError(LastError);
684 return FALSE;
685 }
686
687 /*
688 * search for subdirectory in current directory
689 */
690 hFind = FindFirstFile(_T("*"), &FindData);
691 if (hFind == INVALID_HANDLE_VALUE)
692 return FALSE;
693 do
694 {
695 if (_tcscmp(FindData.cFileName, _T(".")) == 0 ||
696 _tcscmp(FindData.cFileName, _T("..")) == 0)
697 continue;
698
699 if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
700 {
701 GetCurrentDirectory(MAX_PATH, szCurDir);
702 if (SetCurrentDirectory(FindData.cFileName))
703 {
704 ChangeACLsOfFilesInCurDir(pszFiles);
705 SetCurrentDirectory(szCurDir);
706 }
707 else
708 {
709 LastError = GetLastError();
710 if (LastError == ERROR_ACCESS_DENIED)
711 {
712 PrintError(LastError);
713 if (!OptionC)
714 {
715 FindClose(hFind);
716 return FALSE;
717 }
718 }
719 else
720 break;
721 }
722 }
723 } while (FindNextFile(hFind, &FindData));
724 LastError = GetLastError();
725 FindClose(hFind);
726
727 if (LastError != ERROR_NO_MORE_FILES)
728 {
729 PrintError(LastError);
730 return FALSE;
731 }
732 return TRUE;
733}
734
735int _tmain(int argc, const TCHAR *argv[])
736{
737 INT i;
738 LPTSTR pch;
739 BOOL InvalidParameter = FALSE;
740
741 /* Initialize the Console Standard Streams */
742 ConInitStdStreams();
743
744 if (argc <= 1)
745 {
746 ConResPuts(StdOut, IDS_HELP);
747 return 0;
748 }
749
750 // FIXME: Convert to proper parsing, with support for /?
751
752 /*
753 * parse command line options
754 */
755 for (i = 2; i < argc; i++)
756 {
757 if (_tcsicmp(argv[i], _T("/T")) == 0)
758 {
759 OptionT = TRUE;
760 }
761 else if (_tcsicmp(argv[i], _T("/E")) == 0)
762 {
763 OptionE = TRUE;
764 }
765 else if (_tcsicmp(argv[i], _T("/C")) == 0)
766 {
767 OptionC = TRUE;
768 }
769 else if (_tcsicmp(argv[i], _T("/G")) == 0)
770 {
771 if (i + 1 < argc)
772 {
773 pch = _tcschr(argv[++i], _T(':'));
774 if (pch != NULL)
775 {
776 OptionG = TRUE;
777 *pch = 0;
778 GUser = argv[i];
779 GPerm = pch + 1;
780 continue;
781 }
782 }
783 InvalidParameter = TRUE;
784 break;
785 }
786 else if (_tcsicmp(argv[i], _T("/R")) == 0)
787 {
788 if (i + 1 < argc)
789 {
790 RUser = argv[++i];
791 OptionR = TRUE;
792 continue;
793 }
794 InvalidParameter = TRUE;
795 break;
796 }
797 else if (_tcsicmp(argv[i], _T("/P")) == 0)
798 {
799 if (i + 1 < argc)
800 {
801 pch = _tcschr(argv[++i], _T(':'));
802 if (pch != NULL)
803 {
804 OptionP = TRUE;
805 *pch = 0;
806 PUser = argv[i];
807 PPerm = pch + 1;
808 continue;
809 }
810 }
811 InvalidParameter = TRUE;
812 break;
813 }
814 else if (_tcsicmp(argv[i], _T("/D")) == 0)
815 {
816 if (i + 1 < argc)
817 {
818 OptionD = TRUE;
819 DUser = argv[++i];
820 continue;
821 }
822 InvalidParameter = TRUE;
823 break;
824 }
825 else
826 {
827 InvalidParameter = TRUE;
828 break;
829 }
830 }
831
832 if (InvalidParameter)
833 {
834 PrintError(ERROR_INVALID_PARAMETER);
835 ConResPuts(StdOut, IDS_HELP);
836 return 1;
837 }
838
839 /* /R is only valid with /E */
840 if (OptionR && !OptionE)
841 {
842 OptionR = FALSE;
843 }
844
845 PrintDaclsOfFiles(argv[1]);
846
847 if (OptionT)
848 {
849 ChangeACLsOfFilesInCurDir(argv[1]);
850 }
851 else
852 {
853 ChangeACLsOfFiles(argv[1]);
854 }
855
856 return 0;
857}
FilePath
PCWSTR FilePath
Definition: PrivateExtractIcons.c:81
IDS_ALLOW
#define IDS_ALLOW
Definition: resource.h:12
IDS_ABBR_FULL
#define IDS_ABBR_FULL
Definition: resource.h:7
IDS_ABBR_WRITE
#define IDS_ABBR_WRITE
Definition: resource.h:9
IDS_GENERIC_READ
#define IDS_GENERIC_READ
Definition: resource.h:16
IDS_FILE_APPEND_DATA
#define IDS_FILE_APPEND_DATA
Definition: resource.h:25
IDS_STANDARD_RIGHTS_ALL
#define IDS_STANDARD_RIGHTS_ALL
Definition: resource.h:41
IDS_FILE_READ_EA
#define IDS_FILE_READ_EA
Definition: resource.h:26
IDS_FILE_READ_ATTRIBUTES
#define IDS_FILE_READ_ATTRIBUTES
Definition: resource.h:30
IDS_READ_CONTROL
#define IDS_READ_CONTROL
Definition: resource.h:39
IDS_ABBR_READ
#define IDS_ABBR_READ
Definition: resource.h:8
IDS_FILE_GENERIC_WRITE
#define IDS_FILE_GENERIC_WRITE
Definition: resource.h:22
IDS_ABBR_OI
#define IDS_ABBR_OI
Definition: resource.h:5
IDS_GENERIC_EXECUTE
#define IDS_GENERIC_EXECUTE
Definition: resource.h:18
IDS_GENERIC_WRITE
#define IDS_GENERIC_WRITE
Definition: resource.h:17
IDS_DELETE
#define IDS_DELETE
Definition: resource.h:40
IDS_SPECIFIC_RIGHTS_ALL
#define IDS_SPECIFIC_RIGHTS_ALL
Definition: resource.h:34
IDS_FILE_READ_DATA
#define IDS_FILE_READ_DATA
Definition: resource.h:23
IDS_FILE_EXECUTE
#define IDS_FILE_EXECUTE
Definition: resource.h:28
IDS_FILE_GENERIC_EXECUTE
#define IDS_FILE_GENERIC_EXECUTE
Definition: resource.h:20
IDS_SYNCHRONIZE
#define IDS_SYNCHRONIZE
Definition: resource.h:36
IDS_WRITE_DAC
#define IDS_WRITE_DAC
Definition: resource.h:38
IDS_FILE_DELETE_CHILD
#define IDS_FILE_DELETE_CHILD
Definition: resource.h:29
IDS_SPECIAL_ACCESS
#define IDS_SPECIAL_ACCESS
Definition: resource.h:14
IDS_FILE_WRITE_EA
#define IDS_FILE_WRITE_EA
Definition: resource.h:27
IDS_FILE_WRITE_DATA
#define IDS_FILE_WRITE_DATA
Definition: resource.h:24
IDS_MAXIMUM_ALLOWED
#define IDS_MAXIMUM_ALLOWED
Definition: resource.h:32
IDS_WRITE_OWNER
#define IDS_WRITE_OWNER
Definition: resource.h:37
IDS_GENERIC_ALL
#define IDS_GENERIC_ALL
Definition: resource.h:19
IDS_FILE_WRITE_ATTRIBUTES
#define IDS_FILE_WRITE_ATTRIBUTES
Definition: resource.h:31
IDS_ABBR_IO
#define IDS_ABBR_IO
Definition: resource.h:6
IDS_STANDARD_RIGHTS_REQUIRED
#define IDS_STANDARD_RIGHTS_REQUIRED
Definition: resource.h:35
IDS_ABBR_NONE
#define IDS_ABBR_NONE
Definition: resource.h:11
IDS_FILE_GENERIC_READ
#define IDS_FILE_GENERIC_READ
Definition: resource.h:21
IDS_DENY
#define IDS_DENY
Definition: resource.h:13
IDS_ACCESS_SYSTEM_SECURITY
#define IDS_ACCESS_SYSTEM_SECURITY
Definition: resource.h:33
IDS_ABBR_CHANGE
#define IDS_ABBR_CHANGE
Definition: resource.h:10
IDS_ABBR_CI
#define IDS_ABBR_CI
Definition: resource.h:4
IDS_HELP
#define IDS_HELP
Definition: resource.h:3
DisplayString
VOID DisplayString(LPWSTR Msg)
Definition: misc.c:211
Error
BOOL Error
Definition: chkdsk.c:66
PUser
LPCTSTR PUser
Definition: cacls.c:25
DenyUserAccess
static BOOL DenyUserAccess(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:533
PrintFileDacl
static BOOL PrintFileDacl(IN LPTSTR FilePath, IN LPTSTR FileName)
Definition: cacls.c:47
PrintError
static VOID PrintError(DWORD dwError)
Definition: cacls.c:37
OptionR
BOOL OptionR
Definition: cacls.c:24
GUser
LPCTSTR GUser
Definition: cacls.c:25
ChangeFileACL
static BOOL ChangeFileACL(LPCTSTR FilePath, LPCTSTR File)
Definition: cacls.c:547
GrantUserAccessRights
static BOOL GrantUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:461
ReplaceUserAccessRights
static BOOL ReplaceUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:481
OptionP
BOOL OptionP
Definition: cacls.c:24
OptionD
BOOL OptionD
Definition: cacls.c:24
PPerm
LPCTSTR PPerm
Definition: cacls.c:25
FileGenericMapping
static GENERIC_MAPPING FileGenericMapping
Definition: cacls.c:27
PrintDaclsOfFiles
static BOOL PrintDaclsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:402
DUser
LPCTSTR DUser
Definition: cacls.c:25
AddBackslash
static VOID AddBackslash(LPTSTR FilePath)
Definition: cacls.c:359
OptionE
BOOL OptionE
Definition: cacls.c:23
EditUserAccessRights
static BOOL EditUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User, TCHAR Perm)
Definition: cacls.c:507
GPerm
LPCTSTR GPerm
Definition: cacls.c:25
OptionC
BOOL OptionC
Definition: cacls.c:23
ChangeACLsOfFiles
static BOOL ChangeACLsOfFiles(LPCTSTR pszFiles)
Definition: cacls.c:585
ChangeACLsOfFilesInCurDir
static BOOL ChangeACLsOfFilesInCurDir(LPCTSTR pszFiles)
Definition: cacls.c:638
GetPathOfFile
static BOOL GetPathOfFile(LPTSTR FilePath, LPCTSTR pszFiles)
Definition: cacls.c:369
OptionG
BOOL OptionG
Definition: cacls.c:24
RUser
LPCTSTR RUser
Definition: cacls.c:25
OptionT
BOOL OptionT
Definition: cacls.c:23
RevokeUserAccessRights
static BOOL RevokeUserAccessRights(LPCTSTR FilePath, LPCTSTR File, LPCTSTR User)
Definition: cacls.c:540
Ace
@ Ace
Definition: card.h:12
File
Definition: File.h:16
ConPuts
void ConPuts(FILE *fp, LPCWSTR psz)
Definition: conutils_noros.h:8
ConInitStdStreams
#define ConInitStdStreams()
Definition: conutils_noros.h:5
ConPrintf
void ConPrintf(FILE *fp, LPCWSTR psz,...)
Definition: conutils_noros.h:12
StdOut
#define StdOut
Definition: conutils_noros.h:6
StdErr
#define StdErr
Definition: conutils_noros.h:7
ConResPuts
void ConResPuts(FILE *fp, UINT nID)
Definition: conutils_noros.h:19
ERROR_NOT_ENOUGH_MEMORY
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER
Definition: dderror.h:10
ERROR_SUCCESS
#define ERROR_SUCCESS
Definition: deptool.c:10
Name
LPWSTR Name
Definition: desk.c:124
NULL
#define NULL
Definition: types.h:112
TRUE
#define TRUE
Definition: types.h:120
FALSE
#define FALSE
Definition: types.h:117
ARRAYSIZE
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
GetAce
BOOL WINAPI GetAce(PACL pAcl, DWORD dwAceIndex, LPVOID *pAce)
Definition: security.c:1186
GetProcessHeap
#define GetProcessHeap()
Definition: compat.h:736
ERROR_INVALID_PARAMETER
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
SetLastError
#define SetLastError(x)
Definition: compat.h:752
INVALID_HANDLE_VALUE
#define INVALID_HANDLE_VALUE
Definition: compat.h:731
HeapAlloc
#define HeapAlloc
Definition: compat.h:733
GENERIC_READ
#define GENERIC_READ
Definition: compat.h:135
MAX_PATH
#define MAX_PATH
Definition: compat.h:34
HeapFree
#define HeapFree(x, y, z)
Definition: compat.h:735
ERROR_ACCESS_DENIED
#define ERROR_ACCESS_DENIED
Definition: compat.h:97
FindClose
BOOL WINAPI FindClose(HANDLE hFindFile)
Definition: find.c:502
MapGenericMask
void WINAPI MapGenericMask(PDWORD access, PGENERIC_MAPPING mapping)
Definition: security.c:1445
argc
MonoAssembly int argc
Definition: metahost.c:107
size_t
unsigned int size_t
Definition: corecrt.h:203
L
#define L(x)
Definition: resources.c:13
BOOL
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD
unsigned long DWORD
Definition: ntddk_ex.h:95
InvalidParameter
@ InvalidParameter
Definition: gdiplustypes.h:28
x
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
LocalFree
HLOCAL NTAPI LocalFree(HLOCAL hMem)
Definition: heapmem.c:1594
TCHAR
char TCHAR
Definition: tchar.h:1402
_tcscmp
#define _tcscmp
Definition: tchar.h:1424
_tcscat
#define _tcscat
Definition: tchar.h:622
_tcscpy
#define _tcscpy
Definition: tchar.h:623
_tcsncpy
#define _tcsncpy
Definition: tchar.h:1410
_tmain
#define _tmain
Definition: tchar.h:497
_tcslen
#define _tcslen
Definition: tchar.h:626
_tcsicmp
#define _tcsicmp
Definition: tchar.h:1425
_tcschr
#define _tcschr
Definition: tchar.h:1406
_tcsrchr
#define _tcsrchr
Definition: tchar.h:1413
if
if(dx< 0)
Definition: linetemp.h:194
SID_NAME_USE
enum _SID_NAME_USE SID_NAME_USE
pch
#define pch(ap)
Definition: match.c:418
ERROR_FILE_NOT_FOUND
#define ERROR_FILE_NOT_FOUND
Definition: disk.h:79
argv
#define argv
Definition: mplay32.c:18
PSID
struct _SID * PSID
Definition: eventlog.c:37
PSECURITY_DESCRIPTOR
struct _SECURITY_DESCRIPTOR * PSECURITY_DESCRIPTOR
Definition: rtl.c:119
LPTSTR
LPSTR LPTSTR
Definition: ms-dtyp.idl:131
LPCTSTR
LPCSTR LPCTSTR
Definition: ms-dtyp.idl:130
UINT
unsigned int UINT
Definition: ndis.h:50
AccessMask
_In_ ACCESS_MASK AccessMask
Definition: exfuncs.h:186
Domain
_In_ ULONG Domain
Definition: haltypes.h:1814
Dacl
_Out_writes_bytes_to_opt_ AbsoluteSecurityDescriptorSize PSECURITY_DESCRIPTOR _Inout_ PULONG _Out_writes_bytes_to_opt_ DaclSize PACL Dacl
Definition: rtlfuncs.h:1625
DaclPresent
_In_ BOOLEAN DaclPresent
Definition: rtlfuncs.h:1667
Sid
_In_ ULONG _In_ ACCESS_MASK _In_ PSID Sid
Definition: rtlfuncs.h:1165
DaclDefaulted
_In_ BOOLEAN _In_opt_ PACL _In_opt_ BOOLEAN DaclDefaulted
Definition: rtlfuncs.h:1670
SPECIFIC_RIGHTS_ALL
#define SPECIFIC_RIGHTS_ALL
Definition: nt_native.h:71
SYNCHRONIZE
#define SYNCHRONIZE
Definition: nt_native.h:61
FILE_WRITE_DATA
#define FILE_WRITE_DATA
Definition: nt_native.h:631
WRITE_DAC
#define WRITE_DAC
Definition: nt_native.h:59
FILE_READ_DATA
#define FILE_READ_DATA
Definition: nt_native.h:628
FILE_GENERIC_EXECUTE
#define FILE_GENERIC_EXECUTE
Definition: nt_native.h:668
ACCESS_SYSTEM_SECURITY
#define ACCESS_SYSTEM_SECURITY
Definition: nt_native.h:77
FILE_READ_ATTRIBUTES
#define FILE_READ_ATTRIBUTES
Definition: nt_native.h:647
FILE_DELETE_CHILD
#define FILE_DELETE_CHILD
Definition: nt_native.h:645
FILE_READ_EA
#define FILE_READ_EA
Definition: nt_native.h:638
FILE_EXECUTE
#define FILE_EXECUTE
Definition: nt_native.h:642
FILE_WRITE_ATTRIBUTES
#define FILE_WRITE_ATTRIBUTES
Definition: nt_native.h:649
STANDARD_RIGHTS_ALL
#define STANDARD_RIGHTS_ALL
Definition: nt_native.h:69
FILE_APPEND_DATA
#define FILE_APPEND_DATA
Definition: nt_native.h:634
GENERIC_ALL
#define GENERIC_ALL
Definition: nt_native.h:92
FILE_ATTRIBUTE_DIRECTORY
#define FILE_ATTRIBUTE_DIRECTORY
Definition: nt_native.h:705
DELETE
#define DELETE
Definition: nt_native.h:57
READ_CONTROL
#define READ_CONTROL
Definition: nt_native.h:58
FILE_ALL_ACCESS
#define FILE_ALL_ACCESS
Definition: nt_native.h:651
WRITE_OWNER
#define WRITE_OWNER
Definition: nt_native.h:60
GENERIC_WRITE
#define GENERIC_WRITE
Definition: nt_native.h:90
FILE_GENERIC_READ
#define FILE_GENERIC_READ
Definition: nt_native.h:653
FILE_WRITE_EA
#define FILE_WRITE_EA
Definition: nt_native.h:640
GENERIC_EXECUTE
#define GENERIC_EXECUTE
Definition: nt_native.h:91
MAXIMUM_ALLOWED
#define MAXIMUM_ALLOWED
Definition: nt_native.h:83
FILE_GENERIC_WRITE
#define FILE_GENERIC_WRITE
Definition: nt_native.h:660
STANDARD_RIGHTS_REQUIRED
#define STANDARD_RIGHTS_REQUIRED
Definition: nt_native.h:63
Length
_In_ ULONG _In_ ULONG _In_ ULONG Length
Definition: ntddpcm.h:102
ConMsgPuts
INT ConMsgPuts(IN PCON_STREAM Stream, IN DWORD dwFlags, IN LPCVOID lpSource OPTIONAL, IN DWORD dwMessageId, IN DWORD dwLanguageId)
Definition: outstream.c:835
uID
_In_ UINT uID
Definition: shlwapi.h:156
ConvertSidToStringSid
#define ConvertSidToStringSid
Definition: sddl.h:160
GetSecurityDescriptorDacl
BOOL WINAPI GetSecurityDescriptorDacl(PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted)
Definition: sec.c:45
WIN32_FIND_DATAA
Definition: shtypes.idl:80
_ACCESS_ALLOWED_ACE
Definition: ms-dtyp.idl:215
_ACL
Definition: ms-dtyp.idl:293
_FileName
Definition: filecomp.c:348
_GENERIC_MAPPING
Definition: nt_native.h:564
_SECURITY_DESCRIPTOR
Definition: ms-dtyp.idl:301
_SID
Definition: ms-dtyp.idl:198
LANG_USER_DEFAULT
#define LANG_USER_DEFAULT
Definition: tnerror.cpp:50
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
INT
int32_t INT
Definition: typedefs.h:58
IN
#define IN
Definition: typedefs.h:39
_T
#define _T(x)
Definition: vfdio.h:22
GetLastError
DWORD WINAPI GetLastError(void)
Definition: except.c:1042
LookupAccountSid
#define LookupAccountSid
Definition: winbase.h:3616
GetFileAttributes
#define GetFileAttributes
Definition: winbase.h:3564
SetCurrentDirectory
#define SetCurrentDirectory
Definition: winbase.h:3652
GetFileSecurity
#define GetFileSecurity
Definition: winbase.h:3566
FORMAT_MESSAGE_FROM_SYSTEM
#define FORMAT_MESSAGE_FROM_SYSTEM
Definition: winbase.h:400
FindNextFile
#define FindNextFile
Definition: winbase.h:3537
FindFirstFile
#define FindFirstFile
Definition: winbase.h:3531
GetCurrentDirectory
#define GetCurrentDirectory
Definition: winbase.h:3554
GetFullPathName
#define GetFullPathName
Definition: winbase.h:3570
ERROR_DIRECTORY
#define ERROR_DIRECTORY
Definition: winerror.h:416
ERROR_NO_SECURITY_ON_OBJECT
#define ERROR_NO_SECURITY_ON_OBJECT
Definition: winerror.h:1176
ERROR_NO_MORE_FILES
#define ERROR_NO_MORE_FILES
Definition: winerror.h:243
ERROR_NONE_MAPPED
#define ERROR_NONE_MAPPED
Definition: winerror.h:1159
SecurityDescriptor
_In_ USHORT _In_ ULONG _In_ PSOCKADDR _In_ PSOCKADDR _Reserved_ ULONG _In_opt_ PVOID _In_opt_ const WSK_CLIENT_CONNECTION_DISPATCH _In_opt_ PEPROCESS _In_opt_ PETHREAD _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor
Definition: wsk.h:191
AceIndex
_In_ ULONG AceIndex
Definition: rtlfuncs.h:1879
CONTAINER_INHERIT_ACE
#define CONTAINER_INHERIT_ACE
Definition: setypes.h:747
INHERIT_ONLY_ACE
#define INHERIT_ONLY_ACE
Definition: setypes.h:749
DACL_SECURITY_INFORMATION
#define DACL_SECURITY_INFORMATION
Definition: setypes.h:125
OBJECT_INHERIT_ACE
#define OBJECT_INHERIT_ACE
Definition: setypes.h:746
ACCESS_DENIED_ACE_TYPE
#define ACCESS_DENIED_ACE_TYPE
Definition: setypes.h:718