Can't set a DACL on a folder that was NULLed.
- From: "Chris Becke" <chris.becke@xxxxxxxxx>
- Date: Fri, 29 Feb 2008 19:43:05 +0200
A misconfigured setup program created some folders with a NULL DACL (Using
SetSecurityInfo()).
Now, I need to fix the problems this is causing... However, every time I try
to open the folder for DACL writing...
HANDLE hDir = CreateFile(pszDirectory, READ_CONTROL|WRITE_DACL,0,
NULL,FILE_BACKUP_SEMANTICS,NULL);
This call fails with @err =5: Access Denied.
Ive tried making the call from the (standard user) account that owns the
folder, and from and elevated Administrator account, and always error 5
trying to open the folder.
Strangely, the Vista explorer's property sheet can open and show the (lack)
of security info just fine, and even lets me add users and rights back - all
without prompting for elevation. The same standard user account is being
used to explore with explorer as Im using to call CreateFile.
Is there any way out of this pit ive made for myself? While I *could* tell
the effected users just to use explorer to manipulate and delete various
folders, Id really prefer to get a code solution working. The utter lack of
an ability to get a file handle to the folder is styiming me.
.
- Follow-Ups:
- Re: Can't set a DACL on a folder that was NULLed.
- From: Paul Baker [MVP, Windows - SDK]
- Re: Can't set a DACL on a folder that was NULLed.
- Prev by Date: Re: User access rights within process on Vista
- Next by Date: Re: Can't set a DACL on a folder that was NULLed.
- Previous by thread: RE: AcceptSecurityContext failing with SEC_E_INVALID_TOKEN
- Next by thread: Re: Can't set a DACL on a folder that was NULLed.
- Index(es):
Relevant Pages
|
