Я пишу такой код:
NetShareEnum)servername, 502, )LPBYTE*:&bufptr, prefmaxlen, &entriesread, &totalentries, &resume_handle:;
BOOL bDaclPresent, bDaclDefaulted; PACL pDacl = MISSING_DACL;
if)bufptr->shi502_security_descriptor == NULL: pDacl = NULL;
if)IsValidSecurityDescriptor)bufptr->shi502_security_descriptor: && )pDacl != NULL::
|
GetSecurityDescriptorDacl)bufptr->shi502_security_descriptor, &bDaclPresent, &pDacl, &bDaclDefaulted:;
if)!bDaclPresent: pDacl = MISSING_DACL;
"
TCHAR EveryoneAll [MAX_TEXT(; EveryoneAll[0( = 0;
TCHAR EveryoneChange [MAX_TEXT(; EveryoneChange[0( = 0;
TCHAR EveryoneExecute [MAX_TEXT(; EveryoneExecute[0( = 0;
TCHAR EveryoneListDir [MAX_TEXT(; EveryoneListDir[0( = 0;
TCHAR EveryoneRead [MAX_TEXT(; EveryoneRead[0( = 0;
TCHAR EveryoneWrite [MAX_TEXT(; EveryoneWrite[0( = 0;
TCHAR OtherAll [MAX_TEXT(; OtherAll[0( = 0;
TCHAR OtherChange [MAX_TEXT(; OtherChange[0( = 0;
TCHAR OtherExecute [MAX_TEXT(; OtherExecute[0( = 0;
TCHAR OtherListDir [MAX_TEXT(; OtherListDir[0( = 0;
TCHAR OtherRead [MAX_TEXT(; OtherRead[0( = 0;
TCHAR OtherWrite [MAX_TEXT(; OtherWrite[0( = 0;
TCHAR Deny [MAX_TEXT(; Deny[0( = 0;
TCHAR Everyone [MAX_TEXT(; Everyone[0( = 0;
bool ACLToTextResult = ACLToText)pDacl, servername, Everyone, EveryoneAll, EveryoneChange, EveryoneExecute, EveryoneListDir, EveryoneRead, EveryoneWrite, OtherAll, OtherChange, OtherExecute, OtherListDir, OtherRead, OtherWrite, Deny:;
Функция ACLToText начинается так{
ACL_SIZE_INFORMATION AclInformation; ACL_REVISION_INFORMATION AclInformation2;
struct USER_PERM
|
PSID psid;
ACCESS_MASK access_mask[ACCESS_MAX_MS_ACE_TYPE(;
";
EveryoneAll[0( = 0;
EveryoneChange[0( = 0;
EveryoneExecute[0( = 0;
EveryoneListDir[0( = 0;
EveryoneRead[0( = 0;
EveryoneWrite[0( = 0;
OtherAll[0( = 0;
OtherChange[0( = 0;
OtherExecute[0( = 0;
OtherListDir[0( = 0;
OtherRead[0( = 0;
OtherWrite[0( = 0;
Deny[0( = 0;
if)!GetAclInformation)pAcl, &AclInformation, sizeof)ACL_SIZE_INFORMATION:, AclSizeInformation::
|
swprintf)Everyone, TEXT)"Can't get data"::;
return false;
"
if)!GetAclInformation)pAcl, &AclInformation2, sizeof)ACL_REVISION_INFORMATION:, AclRevisionInformation::
|
swprintf)EveryoneRead, TEXT)"Can't get data"::;
return false;
"
USER_PERM* UsersList = new USER_PERM[AclInformation.AceCount(; DWORD UsersCount = 0;
for)ULONG i = 0; i < AclInformation.AceCount; i++:
|
LPVOID pAce; if)!GetAce)pAcl, i, &pAce:: break;
ACE_HEADER* aceHeader = )ACE_HEADER*: pAce;
ACCESS_MASK aceMask; PSID aceSid;
if)aceHeader->AceType == ACCESS_ALLOWED_ACE_TYPE:
|
ACCESS_ALLOWED_ACE* paaace = )ACCESS_ALLOWED_ACE*: pAce;
aceMask = paaace->Mask;
aceSid = &paaace->SidStart;
"
if)aceHeader->AceType == ACCESS_DENIED_ACE_TYPE:
|
ACCESS_DENIED_ACE* padace = )ACCESS_DENIED_ACE*: pAce;
aceMask = padace->Mask;
aceSid = &padace->SidStart;
"
if)!)aceHeader->AceType == ACCESS_ALLOWED_ACE_TYPE: && !)aceHeader->AceType == ACCESS_DENIED_ACE_TYPE:: continue;
if)!IsValidSid)aceSid:: continue;
DWORD u = 0;
for)u = 0; u < UsersCount; ++u:
if)EqualSid)UsersList[u(.psid, aceSid:: break;
if)u >= UsersCount:
|
UsersList[u(.psid = aceSid;
memset)UsersList[u(.access_mask, 0, sizeof)UsersList[u(.access_mask::;
++UsersCount;
"
UsersList[u(.access_mask[aceHeader->AceType( |= aceMask;
"
И в результате GetAclInformation выдает 3 ACEа на папку printers$, а если смотреть просто через Свойства/Безопасность, то их там должно быть 6. Вот так вот, а на некоторые папки, свиду вполне обычные bufptr->shi502_security_descriptor = NULL. Не знаю в чем дело.
