/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
#include <stdio.h>
#include <windows.h>
#include <malloc.h>
#include <string.h>
/*
* Simple Windows utility to remove all non-owner access to a given
* file - suitable for NT/2000/XP only.
*/
/*
* Access mask to represent any file access
*/
/*
* Print error message to stderr
*/
int len;
buf[0] = '\0';
errval = GetLastError();
if (errval != 0) {
if (n > 3) {
/* Drop final '.', CR, LF */
buf[n] = '\0';
}
}
} else {
}
}
/*
* Return a string that includes all the components of a given SID.
* See here for a description of the SID components :-
*/
char* name;
/*
* Get the identifier authority and the number of sub-authorities
*/
/*
* Allocate buffer for the string - buffer is :-
* S-SID_REVISION- + identifierAuthority- + subauthorities- + NULL
*/
return NULL;
}
// S-SID_REVISION
// Identifier authority
{
}
else
{
}
// finally, the sub-authorities
for (i=0 ; i<count; i++) {
*GetSidSubAuthority(sid, i) );
}
return name;
}
/*
* Returns a string to represent the given security identifier (SID).
* If the account is known to the local computer then the account
* domain is returned. The format will be \\name or domain\\name depending
* on if the computer belongs to a domain.
* If the account name is not known then the textual representation of
* SID is returned -- eg: S-1-5-21-2818032319-470147023-1036452850-13037.
*/
if(!IsValidSid(sid)) {
return strdup("<Invalid SID>");
}
if (s != NULL) {
strcat(s, "\\\\");
}
return s;
} else {
return getTextualSid(sid);
}
}
/*
* Returns 1 if the specified file is on a file system that supports
* persistent ACLs (On NTFS file systems returns true, on FAT32 file systems
* returns false), otherwise 0. Returns -1 if error.
*/
char* root;
char* p;
/*
* Get root directory. For UNCs the slash after the share name is required.
*/
if (*root == '\\') {
/*
* \\server\share\file ==> \\server\share\
*/
p = root;
while ((*p == '\\') && (slashskip > 0)) {
char* p2;
p++;
return -1;
}
p = p2;
slashskip--;
}
if (slashskip != 0) {
return -1;
}
p++;
*p = '\0';
} else {
/*
* Relative path so use current directory
*/
if (p == NULL) {
printLastError("GetCurrentDirectory failed");
return -1;
}
if (p == NULL) {
return -1;
}
}
p++;
*p = '\0';
}
/*
* Get the volume information - this gives us the file system file and
* also tells us if the file system supports persistent ACLs.
*/
NULL, // address of name of the volume, can be NULL
0, // length of volume name
NULL, // address of volume serial number, can be NULL
&dwFlags,
if (res == 0) {
printLastError("GetVolumeInformation failed");
return -1;
}
}
/*
* Returns the security descriptor for a file.
*/
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
printLastError("GetFileSecurity failed");
return NULL;
}
} else {
printLastError("GetFileSecurity failed");
return NULL;
}
}
return sd;
}
/*
* Revoke all access to the specific file
*/
char* str;
/*
* Get security descriptor for file; From security descriptor get the
* owner SID, and the DACL.
*/
return -1; /* error already reported */
}
printLastError("GetSecurityDescriptorOwner failed");
return -1;
}
}
printLastError("GetSecurityDescriptorDacl failed");
return -1;
}
if (!present) {
return -1;
}
/*
* If DACL is NULL there is no access to the file - we are done
*/
return 1;
}
/*
* Iterate over the ACEs. For each "allow" type check that the SID
* matches the owner - if not we remove the ACE from the ACL
*/
printLastError("GetAclInformation failed");
return -1;
}
i = 0;
while (count > 0) {
void* ace;
printLastError("GetAce failed");
return -1;
}
continue;
}
/*
* If the ACE allows any access then the file then we
* delete it.
*/
}
printLastError("DeleteAce failed");
return -1;
}
}
}
if (!deleted) {
}
/* onto the next ACE */
i++;
}
count--;
}
/*
* No changes - only owner has access
*/
if (i == acl_size_info.AceCount) {
printf("No changes.\n");
return 1;
}
/*
* Create security descriptor and set its DACL to the version
* that we just edited
*/
printLastError("InitializeSecurityDescriptor failed");
return -1;
}
printLastError("SetSecurityDescriptorDacl failed");
return -1;
}
printLastError("SetFileSecurity failed");
return -1;
}
printf("File updated.\n");
return 1;
}
/*
* Convert slashes in the pathname to backslashes if needed.
*/
static char* convert_path(const char* p) {
int i = 0;
while (p[i] != '\0') {
if (p[i] == '/') {
path[i] = '\\';
}
i++;
}
return path;
}
/*
* Usage: revokeall file
*/
{
int rc;
const char* path;
if (argc != 2) {
return -1;
}
if (rc != 1) {
if (rc == 0) {
printf("File security not supported on this file system\n");
}
return rc;
} else {
}
}