Jump to content

Hello. How do you check security attributes of file ?

elGringo

By elGringo
in General

 Share

Recommended Posts

elGringo Advanced Member

elGringo

Posted
Posted

Hello, dear All! How do you check security attributes of file ? Not attributes of file but security attributes?

 

I mean this one, on picture 32.JPG (attachment)

 

If to try to open fileStream with rights like on 32.JPG directly, without TOpenFile for example then we will get Abnormal closing program (see picture 33.JPG (attachment) )

 

tried to use function like

function IsFileOkToRead(const AFilePath : String) : Boolean;
var
    F:TFileStream;
begin
 
 Result:=false;
 if not TFile.Exists(AFilePath) then Exit;
 
 // trying - to open...
 
 
   try
 
        try
 
              F := TFileStream.Create(AFilePath, fmOpenRead);
              Result:=true;
 
            except
 
              on E:EFOpenError do
              raise Exception.Create('Error Message '+E.Message);
 
 
 
              on E: EFileStreamError do
                raise EInOutError.Create(E.Message);
 
              on E: EInOutError do
               raise Exception.Create(E.Message);
 
 
 
                on E: Exception do
               raise Exception.Create(E.Message);
 
            end;
 
   finally
   FreeAndNil(F);
 
 
   end;
 
 
end;

but it doesn't work - error is not catched, but if to try to go with debugger we can see

 

E:EFOpenError 

 

Couldn't find it anywhere on the Internet. So what do you think? How to read security attributes?

 

As I can understand they are created with WinAPI function like this

HANDLE WINAPI CreateFile(
  _In_     LPCTSTR               lpFileName,
  _In_     DWORD                 dwDesiredAccess,
  _In_     DWORD                 dwShareMode,
  _In_opt_ LPSECURITY_ATTRIBUTES lpSecurityAttributes, // <<< How to get this ?
  _In_     DWORD                 dwCreationDisposition,
  _In_     DWORD                 dwFlagsAndAttributes,
  _In_opt_ HANDLE                hTemplateFile
);

post-2378-0-09671000-1484837622_thumb.jpg

post-2378-0-68967300-1484837638_thumb.jpg

mhmda Advanced Member

mhmda

Posted
Posted

I had written a windows service using Delphi that automatic download articles and images from specific sites, I did that by using Indy components, and when saving files to hard desk you can use windows API to change file attributes.

elGringo Advanced Member

elGringo

Posted
  • Author
Posted

I decided the question - decision is

const
 
FILE_READ_DATA = $0001;
FILE_WRITE_DATA = $0002;
FILE_APPEND_DATA = $0004;
FILE_READ_EA = $0008;
FILE_WRITE_EA = $0010;
FILE_EXECUTE = $0020;
FILE_READ_ATTRIBUTES = $0080;
FILE_WRITE_ATTRIBUTES = $0100;
FILE_GENERIC_READ = (STANDARD_RIGHTS_READ or FILE_READ_DATA or
FILE_READ_ATTRIBUTES or FILE_READ_EA or SYNCHRONIZE);
FILE_GENERIC_WRITE = (STANDARD_RIGHTS_WRITE or FILE_WRITE_DATA or
FILE_WRITE_ATTRIBUTES or FILE_WRITE_EA or FILE_APPEND_DATA or SYNCHRONIZE);
FILE_GENERIC_EXECUTE = (STANDARD_RIGHTS_EXECUTE or FILE_READ_ATTRIBUTES or
FILE_EXECUTE or SYNCHRONIZE);
FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED or SYNCHRONIZE or $1FF;
 
 
function CheckFileAccess(const FileName: string; const CheckedAccess: Cardinal): Cardinal;
 
var Token: THandle;
    Status: LongBool;
    Access: Cardinal;
    SecDescSize: Cardinal;
    PrivSetSize: Cardinal;
    PrivSet: PRIVILEGE_SET;
    Mapping: GENERIC_MAPPING;
    SecDesc: PSECURITY_DESCRIPTOR;
 
begin
 
  Result := 0;
 
  GetFileSecurity(
 
  PChar(Filename),
  OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
  nil,
  0,
  SecDescSize
 
  );
 
  SecDesc := GetMemory(SecDescSize);
 
  if GetFileSecurity(
  PChar(Filename),
  OWNER_SECURITY_INFORMATION or GROUP_SECURITY_INFORMATION or DACL_SECURITY_INFORMATION,
  SecDesc,
  SecDescSize,
  SecDescSize) then
 
  begin
 
    ImpersonateSelf(SecurityImpersonation);
    OpenThreadToken(GetCurrentThread, TOKEN_QUERY, False, Token);
 
    if Token <> 0 then
    begin
 
      Mapping.GenericRead := FILE_GENERIC_READ;
      Mapping.GenericWrite := FILE_GENERIC_WRITE;
      Mapping.GenericExecute := FILE_GENERIC_EXECUTE;
      Mapping.GenericAll := FILE_ALL_ACCESS;
 
      MapGenericMask(Access, Mapping);
      PrivSetSize := SizeOf(PrivSet);
 
      AccessCheck(SecDesc, Token, CheckedAccess, Mapping, PrivSet, PrivSetSize, Access, Status);
 
      CloseHandle(Token);
 
      if Status then
        Result := Access;
    end;
 
 
  end;
 
  FreeMem(SecDesc, SecDescSize);
end;
 
// Test
 
if CheckFileAccess(FilePathConst,FILE_WRITE_DATA)=FILE_WRITE_DATA
 
 then
 
 ShowMessage('FILE_WRITE_DATA');

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...