Remove file permissions on windows with python
1 | I have used the following to grant access to a file. Courtesy of kindall |
https://stackoverflow.com/a/12168268/740899
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | > import win32security > import ntsecuritycon as con > > FILENAME ="whatever" > > userx, domain, type = win32security.LookupAccountName ("","User X") > > sd = win32security.GetFileSecurity(FILENAME, win32security.DACL_SECURITY_INFORMATION) > dacl = sd.GetSecurityDescriptorDacl() # instead of dacl = win32security.ACL() > > dacl.AddAccessAllowedAce(win32security.ACL_REVISION, con.FILE_GENERIC_READ | con.FILE_GENERIC_WRITE, userx) > > sd.SetSecurityDescriptorDacl(1, dacl, 0) # may not be necessary > win32security.SetFileSecurity(FILENAME, win32security.DACL_SECURITY_INFORMATION, sd) |
但是,访问权限必须是临时的。 所以我用
我无法找到支持此类任务的文档。 有谁知道如何通过操纵dacl来做到这一点? 还是我必须通过Windows界面手动执行此操作?
在此处找到了解决方案:http://voices.canonical.com/tag/windows/
我不得不微调一下,但是它正在工作。 ew!
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | def remove_ace(path,usernames): """Remove the ace for the given users.""" if not os.path.exists(path): raise WindowsError('Path %s could not be found.' % path) total = 0 for x in usernames: userx, domain, utype = win32security.LookupAccountName("", x) sd = win32security.GetFileSecurity(path, win32security.DACL_SECURITY_INFORMATION) dacl = sd.GetSecurityDescriptorDacl() num_delete = 0 for index in range(0, dacl.GetAceCount()): ace = dacl.GetAce(index - num_delete) if userx == ace[2]: dacl.DeleteAce(index - num_delete) num_delete += 1 total += 1 if num_delete > 0: sd.SetSecurityDescriptorDacl(1, dacl, 0) win32security.SetFileSecurity(path, win32security.DACL_SECURITY_INFORMATION, sd) if total > 0: return True |