以下使用ctypes进行调用
GetNamedSecurityInfo。最初,它遵循问题中链接的代码片段,但
GetNamedSecurityInfo通常比有用
GetFileSecurity,尤其是因为它与
SetNamedSecurityInfo代替过时的功能配对时特别有用
SetFileSecurity。
ctypes和类
import ctypes as ctypesfrom ctypes import wintypes as wintypeskernel32 = ctypes.WinDLL('kernel32', use_last_error=True)advapi32 = ctypes.WinDLL('advapi32', use_last_error=True)ERROR_INVALID_FUNCTION = 0x0001ERROR_FILE_NOT_FOUND = 0x0002ERROR_PATH_NOT_FOUND = 0x0003ERROR_ACCESS_DENIED = 0x0005ERROR_SHARING_VIOLATION = 0x0020SE_FILE_OBJECT = 1OWNER_SECURITY_INFORMATION = 0x00000001GROUP_SECURITY_INFORMATION = 0x00000002DACL_SECURITY_INFORMATION = 0x00000004SACL_SECURITY_INFORMATION = 0x00000008LABEL_SECURITY_INFORMATION = 0x00000010_DEFAULT_SECURITY_INFORMATION = (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | LABEL_SECURITY_INFORMATION)LPDWORD = ctypes.POINTER(wintypes.DWORD)SE_OBJECT_TYPE = wintypes.DWORDSECURITY_INFORMATION = wintypes.DWORDclass SID_NAME_USE(wintypes.DWORD): _sid_types = dict(enumerate(''' User Group Domain Alias WellKnownGroup DeletedAccount Invalid Unknown Computer Label'''.split(), 1)) def __init__(self, value=None): if value is not None: if value not in self.sid_types: raise ValueError('invalid SID type') wintypes.DWORD.__init__(value) def __str__(self): if self.value not in self._sid_types: raise ValueError('invalid SID type') return self._sid_types[self.value] def __repr__(self): return 'SID_NAME_USE(%s)' % self.valuePSID_NAME_USE = ctypes.POINTER(SID_NAME_USE)class PLOCAL(wintypes.LPVOID): _needs_free = False def __init__(self, value=None, needs_free=False): super(PLOCAL, self).__init__(value) self._needs_free = needs_free def __del__(self): if self and self._needs_free: kernel32.LocalFree(self) self._needs_free = FalsePACL = PLOCALclass PSID(PLOCAL): def __init__(self, value=None, needs_free=False): super(PSID, self).__init__(value, needs_free) def __str__(self): if not self: raise ValueError('NULL pointer access') sid = wintypes.LPWSTR() advapi32.ConvertSidToStringSidW(self, ctypes.byref(sid)) try: return sid.value finally: if sid: kernel32.LocalFree(sid)class PSECURITY_DEscriptOR(PLOCAL): def __init__(self, value=None, needs_free=False): super(PSECURITY_DEscriptOR, self).__init__(value, needs_free) self.pOwner = PSID() self.pGroup = PSID() self.pDacl = PACL() self.pSacl = PACL() # back references to keep this object alive self.pOwner._SD = self self.pGroup._SD = self self.pDacl._SD = self self.pSacl._SD = self def get_owner(self, system_name=None): if not self or not self.pOwner: raise ValueError('NULL pointer access') return look_up_account_sid(self.pOwner, system_name) def get_group(self, system_name=None): if not self or not self.pGroup: raise ValueError('NULL pointer access') return look_up_account_sid(self.pGroup, system_name)def _check_bool(result, func, args): if not result: raise ctypes.WinError(ctypes.get_last_error()) return args# msdn.microsoft.com/en-us/library/aa376399advapi32.ConvertSidToStringSidW.errcheck = _check_booladvapi32.ConvertSidToStringSidW.argtypes = ( PSID, # _In_ Sid ctypes.POINTER(wintypes.LPWSTR)) # _Out_ StringSid# msdn.microsoft.com/en-us/library/aa379166advapi32.LookupAccountSidW.errcheck = _check_booladvapi32.LookupAccountSidW.argtypes = ( wintypes.LPCWSTR, # _In_opt_ lpSystemName PSID, # _In_ lpSid wintypes.LPCWSTR, # _Out_opt_ lpName LPDWORD, # _Inout_ cchName wintypes.LPCWSTR, # _Out_opt_ lpReferencedDomainName LPDWORD, # _Inout_ cchReferencedDomainName PSID_NAME_USE) # _Out_ peUse# msdn.microsoft.com/en-us/library/aa446645advapi32.GetNamedSecurityInfoW.restype = wintypes.DWORDadvapi32.GetNamedSecurityInfoW.argtypes = ( wintypes.LPWSTR, # _In_ pObjectName SE_OBJECT_TYPE, # _In_ ObjectType SECURITY_INFORMATION, # _In_ SecurityInfo ctypes.POINTER(PSID), # _Out_opt_ ppsidOwner ctypes.POINTER(PSID), # _Out_opt_ ppsidGroup ctypes.POINTER(PACL), # _Out_opt_ ppDacl ctypes.POINTER(PACL), # _Out_opt_ ppSacl ctypes.POINTER(PSECURITY_DEscriptOR)) # _Out_opt_ ppSecurityDescriptor职能
def look_up_account_sid(sid, system_name=None): SIZE = 256 name = ctypes.create_unipre_buffer(SIZE) domain = ctypes.create_unipre_buffer(SIZE) cch_name = wintypes.DWORd(SIZE) cch_domain = wintypes.DWORd(SIZE) sid_type = SID_NAME_USE() advapi32.LookupAccountSidW(system_name, sid, name, ctypes.byref(cch_name), domain, ctypes.byref(cch_domain), ctypes.byref(sid_type)) return name.value, domain.value, sid_typedef get_file_security(filename, request=_DEFAULT_SECURITY_INFORMATION): # N.B. This query may fail with ERROR_INVALID_FUNCTION # for some filesystems. pSD = PSECURITY_DEscriptOR(needs_free=True) error = advapi32.GetNamedSecurityInfoW(filename, SE_FILE_OBJECT, request, ctypes.byref(pSD.pOwner), ctypes.byref(pSD.pGroup), ctypes.byref(pSD.pDacl), ctypes.byref(pSD.pSacl), ctypes.byref(pSD)) if error != 0: raise ctypes.WinError(error) return pSD
用法示例
if __name__ == '__main__': import os, sys if len(sys.argv) < 2: script_name = os.path.basename(__file__) sys.exit('usage: {} filename'.format(script_name)) filename = sys.argv[1] if isinstance(filename, bytes): if hasattr(os, 'fsdepre'): filename = os.fsdepre(filename) else: filename = filename.depre(sys.getfilesystemencoding()) pSD = get_file_security(filename) owner_name, owner_domain, owner_sid_type = pSD.get_owner() if owner_domain: owner_name = '{}\{}'.format(owner_domain, owner_name) print("Path : {}".format(filename)) print("Owner: {} ({})".format(owner_name, owner_sid_type)) print("SID : {}".format(pSD.pOwner))示例输出
Path : C:UsersOwner: NT AUTHORITYSYSTEM (WellKnownGroup)SID : S-1-5-18Path : C:ProgramDataOwner: NT AUTHORITYSYSTEM (WellKnownGroup)SID : S-1-5-18Path : C:Program FilesOwner: NT SERVICETrustedInstaller (WellKnownGroup)SID : S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464Path : C:WindowsOwner: NT SERVICETrustedInstaller (WellKnownGroup)SID : S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464
