程序使用C编程中的Win32 API获取所有本地用户及其对给定文件的许可

debugcn 发表于 Dev

玛姬

我正在尝试获取给定文件的所有用户详细信息和用户特权。像这样的输出

我应该如何使用C编程中win32 api提供的GetSecurityInfo（）打印此内容？我现在可以使用以下代码来获得文件所有者：

#include <stdio.h>
#include <windows.h>
#include <tchar.h>
#include "accctrl.h"
#include "aclapi.h"
#pragma comment(lib, "advapi32.lib")

int main(void)
{
DWORD dwRtnCode = 0;
PSID pSidOwner = NULL;
BOOL bRtnBool = TRUE;
LPTSTR AcctName = NULL;
LPTSTR DomainName = NULL;
DWORD dwAcctName = 1, dwDomainName = 1;
SID_NAME_USE eUse = SidTypeUnknown;
HANDLE hFile;
PSECURITY_DESCRIPTOR pSD = NULL;

// Get the handle of the file object.
hFile = CreateFile(
                  TEXT("C:/Users/Vicky/Documents/Software/abc.txt"),
                  GENERIC_READ,
                  FILE_SHARE_READ,
                  NULL,
                  OPEN_EXISTING,
                  FILE_ATTRIBUTE_NORMAL,
                  NULL);
                  
// Check GetLastError for CreateFile error code.
if (hFile == INVALID_HANDLE_VALUE) {
          DWORD dwErrorCode = 0;
          dwErrorCode = GetLastError();
          _tprintf(TEXT("CreateFile error = %d\n"), dwErrorCode);
          return -1;
}

// Get the owner SID of the file.
dwRtnCode = GetSecurityInfo(
                  hFile,
                  SE_FILE_OBJECT,
                  OWNER_SECURITY_INFORMATION,
                  &pSidOwner,
                  NULL,
                  NULL,
                  NULL,
                  &pSD);

// Check GetLastError for GetSecurityInfo error condition.
if (dwRtnCode != ERROR_SUCCESS) {
          DWORD dwErrorCode = 0;
          dwErrorCode = GetLastError();
          _tprintf(TEXT("GetSecurityInfo error = %d\n"), dwErrorCode);
          return -1;
}

// First call to LookupAccountSid to get the buffer sizes.
bRtnBool = LookupAccountSid(
                  NULL,           // local computer
                  pSidOwner,
                  AcctName,
                  (LPDWORD)&dwAcctName,
                  DomainName,
                  (LPDWORD)&dwDomainName,
                  &eUse);

// Reallocate memory for the buffers.
AcctName = (LPTSTR)GlobalAlloc(
          GMEM_FIXED,
          dwAcctName);

// Check GetLastError for GlobalAlloc error condition.
if (AcctName == NULL) {
          DWORD dwErrorCode = 0;
          dwErrorCode = GetLastError();
          _tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
          return -1;
}

    DomainName = (LPTSTR)GlobalAlloc(
           GMEM_FIXED,
           dwDomainName);

    // Check GetLastError for GlobalAlloc error condition.
    if (DomainName == NULL) {
          DWORD dwErrorCode = 0;
          dwErrorCode = GetLastError();
          _tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
          return -1;

    }

    // Second call to LookupAccountSid to get the account name.
    bRtnBool = LookupAccountSid(
          NULL,                   // name of local or remote computer
          pSidOwner,              // security identifier
          AcctName,               // account name buffer
          (LPDWORD)&dwAcctName,   // size of account name buffer 
          DomainName,             // domain name
          (LPDWORD)&dwDomainName, // size of domain name buffer
          &eUse);                 // SID type

    // Check GetLastError for LookupAccountSid error condition.
    if (bRtnBool == FALSE) {
          DWORD dwErrorCode = 0;
          dwErrorCode = GetLastError();

          if (dwErrorCode == ERROR_NONE_MAPPED)
              _tprintf(TEXT
                  ("Account owner not found for specified SID.\n"));
          else 
              _tprintf(TEXT("Error in LookupAccountSid.\n"));
          return -1;

    } else if (bRtnBool == TRUE) 

        // Print the account name.
        _tprintf(TEXT("Account owner = %s\n"), AcctName);

    return 0;
}

Rita Han-MSFT

如果要获取文件的权限条目，如下快照所示：

您可以参考以下示例：

// Get the DACL of the file.
PACL pDACL;
dwRtnCode = GetSecurityInfo(hFile, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pDACL, NULL, NULL);
if (dwRtnCode != ERROR_SUCCESS)
{
    return dwRtnCode;
}
PACL pAcl = pDACL;
int aceNum = pDACL->AceCount;
for (int i = 0; i < aceNum; i++)
{
    ACE_HEADER *aceAddr = NULL;
    if (GetAce(pAcl, i, (void**)(&aceAddr)))
    {
        if (ACCESS_ALLOWED_ACE_TYPE == aceAddr->AceType)
        {
            printf("ACE type: Allow, "); 

            ACCESS_MASK access = ((ACCESS_ALLOWED_ACE *)aceAddr)->Mask;

            // Get size of SID
            DWORD size = ((ACCESS_ALLOWED_ACE *)aceAddr)->Header.AceSize - sizeof(ACE_HEADER) - sizeof(ACCESS_MASK);
            if (!size)
                return FALSE;

            BYTE *tempAddr = (BYTE *)aceAddr;

            //Find SID start address
            tempAddr += sizeof(ACE_HEADER) + sizeof(ACCESS_MASK);

            BYTE * pSid = (BYTE *)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size);
            RtlCopyMemory(pSid, tempAddr, size);

            // First call to LookupAccountSid to get the buffer sizes.
            bRtnBool = LookupAccountSid(
                NULL,           
                pSid,
                AcctName,
                (LPDWORD)&dwAcctName,
                DomainName,
                (LPDWORD)&dwDomainName,
                &eUse);

            // Reallocate memory for the buffers.
            AcctName = (LPTSTR)GlobalAlloc(
                GMEM_FIXED,
                dwAcctName);

            // Check GetLastError for GlobalAlloc error condition.
            if (AcctName == NULL) {
                DWORD dwErrorCode = 0;
                dwErrorCode = GetLastError();
                _tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
                return -1;
            }

            DomainName = (LPTSTR)GlobalAlloc(
                GMEM_FIXED,
                dwDomainName);

            // Check GetLastError for GlobalAlloc error condition.
            if (DomainName == NULL) {
                DWORD dwErrorCode = 0;
                dwErrorCode = GetLastError();
                _tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
                return -1;

            }

            // Second call to LookupAccountSid to get the account name.
            bRtnBool = LookupAccountSid(
                NULL,                   // name of local or remote computer
                pSid,              // security identifier
                AcctName,               // account name buffer
                (LPDWORD)&dwAcctName,   // size of account name buffer 
                DomainName,             // domain name
                (LPDWORD)&dwDomainName, // size of domain name buffer
                &eUse);                 // SID type

            // Check GetLastError for LookupAccountSid error condition.
            if (bRtnBool == FALSE) {
                DWORD dwErrorCode = 0;
                dwErrorCode = GetLastError();

                if (dwErrorCode == ERROR_NONE_MAPPED)
                    _tprintf(TEXT
                    ("Account owner not found for specified SID.\n"));
                else
                    _tprintf(TEXT("Error in LookupAccountSid.\n"));
                return -1;

            }
            else if (bRtnBool == TRUE)
            {
                // Print the account name.
                _tprintf(TEXT("Account name = %s, "), AcctName);
            }

            //HeapFree(GetProcessHeap(), HEAP_ZERO_MEMORY, pSid);

            // Check access permissions
            printf("Access: ");
            if (access & SYNCHRONIZE)
                printf("SYNCHRONIZE/ ");

            if(access & READ_CONTROL)
                printf("READ_CONTROL \n");
        }
    }
}

结果示例：