如何使用 win32 api 将文件所有权授予当前用户

发布于 2024-12-25 05:16:24 字数 3341 浏览 0 评论 0原文

我想使用 win32 api 获取文件所有权,并且我希望我的代码能够在 xp 和 win7 上运行

,这就是我想出的

功能,该功能可以更改文件的所有权

int ChangeFileOwner()
{
        HANDLE token;
        char *filename = "c:\\file1.txt"; //(not owned by the current user)
        DWORD len;
        PSECURITY_DESCRIPTOR security = NULL;
        int retValue = 1;
        PSID sid;

        // Get the privileges you need
        if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &token)) {

        if(!SetPrivilege("SeTakeOwnershipPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeSecurityPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeBackupPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeRestorePrivilege", 1))retValue=0;
        } else retValue = 0;

        // Create the security descriptor
        if (retValue) {
            GetFileSecurity(filename, OWNER_SECURITY_INFORMATION, security, 0, &len);
            security = (PSECURITY_DESCRIPTOR)malloc(len);
            if (!InitializeSecurityDescriptor(security,SECURITY_DESCRIPTOR_REVISION))
                retValue = 0;
        }

        // Get the sid for the username
        if (retValue) {
                GetLogonSID(token, &sid) ;
            }
        // Set the sid to be the new owner
        if (retValue && !SetSecurityDescriptorOwner(security, sid, 0))
            retValue = 0;

        // Save the security descriptor
        if (retValue)
            retValue = SetFileSecurity(filename, OWNER_SECURITY_INFORMATION, security);
        if (security) free(security);

        return retValue;
}

,以获取当前用户的 SID

BOOL GetLogonSID (HANDLE hToken, PSID *ppsid) 
{
   BOOL bSuccess = FALSE;
   DWORD dwIndex;
   DWORD dwLength = 0;
   PTOKEN_GROUPS ptg = NULL;
// Get required buffer size and allocate the TOKEN_GROUPS buffer.
   GetTokenInformation(hToken,TokenGroups,(LPVOID) ptg,0,&dwLength) ;

   ptg = (PTOKEN_GROUPS)HeapAlloc(GetProcessHeap(),
         HEAP_ZERO_MEMORY, dwLength);
// Get the token group information from the access token.
   GetTokenInformation(hToken,TokenGroups,(LPVOID) ptg,dwLength,&dwLength) ;
// Loop through the groups to find the logon SID.
   for (dwIndex = 0; dwIndex < ptg->GroupCount; dwIndex++) 
      if ((ptg->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID)
             ==  SE_GROUP_LOGON_ID) 
      {
      // Found the logon SID; make a copy of it.

         dwLength = GetLengthSid(ptg->Groups[dwIndex].Sid);
         *ppsid = (PSID) HeapAlloc(GetProcessHeap(),
                     HEAP_ZERO_MEMORY, dwLength);
         CopySid(dwLength, *ppsid, ptg->Groups[dwIndex].Sid); 

         break;
      }
return TRUE;

}

代码来设置权限

int SetPrivilege(char *privilege, int enable) 
{
    TOKEN_PRIVILEGES tp;
    LUID luid;
    HANDLE token;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &token)) return 0;
    if (!LookupPrivilegeValue(NULL, privilege, &luid)) return 0; 

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    if (enable) tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    else tp.Privileges[0].Attributes = 0;

    // Enable the privilege or disable all privileges.
    return AdjustTokenPrivileges(token, 0, &tp, NULL, NULL, NULL); 
}

I want to take file ownership using win32 api, and I want my code to work on both xp and win7

anyway, here is what i came up with

Function that changes the ownership of the file

int ChangeFileOwner()
{
        HANDLE token;
        char *filename = "c:\\file1.txt"; //(not owned by the current user)
        DWORD len;
        PSECURITY_DESCRIPTOR security = NULL;
        int retValue = 1;
        PSID sid;

        // Get the privileges you need
        if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &token)) {

        if(!SetPrivilege("SeTakeOwnershipPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeSecurityPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeBackupPrivilege", 1))retValue=0;
            if(!SetPrivilege("SeRestorePrivilege", 1))retValue=0;
        } else retValue = 0;

        // Create the security descriptor
        if (retValue) {
            GetFileSecurity(filename, OWNER_SECURITY_INFORMATION, security, 0, &len);
            security = (PSECURITY_DESCRIPTOR)malloc(len);
            if (!InitializeSecurityDescriptor(security,SECURITY_DESCRIPTOR_REVISION))
                retValue = 0;
        }

        // Get the sid for the username
        if (retValue) {
                GetLogonSID(token, &sid) ;
            }
        // Set the sid to be the new owner
        if (retValue && !SetSecurityDescriptorOwner(security, sid, 0))
            retValue = 0;

        // Save the security descriptor
        if (retValue)
            retValue = SetFileSecurity(filename, OWNER_SECURITY_INFORMATION, security);
        if (security) free(security);

        return retValue;
}

Function to get the current user SID

BOOL GetLogonSID (HANDLE hToken, PSID *ppsid) 
{
   BOOL bSuccess = FALSE;
   DWORD dwIndex;
   DWORD dwLength = 0;
   PTOKEN_GROUPS ptg = NULL;
// Get required buffer size and allocate the TOKEN_GROUPS buffer.
   GetTokenInformation(hToken,TokenGroups,(LPVOID) ptg,0,&dwLength) ;

   ptg = (PTOKEN_GROUPS)HeapAlloc(GetProcessHeap(),
         HEAP_ZERO_MEMORY, dwLength);
// Get the token group information from the access token.
   GetTokenInformation(hToken,TokenGroups,(LPVOID) ptg,dwLength,&dwLength) ;
// Loop through the groups to find the logon SID.
   for (dwIndex = 0; dwIndex < ptg->GroupCount; dwIndex++) 
      if ((ptg->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID)
             ==  SE_GROUP_LOGON_ID) 
      {
      // Found the logon SID; make a copy of it.

         dwLength = GetLengthSid(ptg->Groups[dwIndex].Sid);
         *ppsid = (PSID) HeapAlloc(GetProcessHeap(),
                     HEAP_ZERO_MEMORY, dwLength);
         CopySid(dwLength, *ppsid, ptg->Groups[dwIndex].Sid); 

         break;
      }
return TRUE;

}

Code To Set Privilege

int SetPrivilege(char *privilege, int enable) 
{
    TOKEN_PRIVILEGES tp;
    LUID luid;
    HANDLE token;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &token)) return 0;
    if (!LookupPrivilegeValue(NULL, privilege, &luid)) return 0; 

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    if (enable) tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    else tp.Privileges[0].Attributes = 0;

    // Enable the privilege or disable all privileges.
    return AdjustTokenPrivileges(token, 0, &tp, NULL, NULL, NULL); 
}

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文