File general properties vs. security properties

1. Overview of file properties

On the Windows platform, file attributes are divided into general attributes and security attributes.

When the user modifies the general attributes of the target file, the secret-label tool first reads the file's general attributes with GetFileAttributes() and then sets them back on the original file with SetFileAttributes(), which ensures that the general attributes of the file are not lost.

[Figure: Windows file general properties]

When the user modifies the security attributes of the target file, the secret-label tool reads the file's security information with the core function GetNamedSecurityInfo() and then sets it back on the original file with the core function SetNamedSecurityInfo(), which ensures that the security attributes of the file are not lost.

[Figure: Windows file security properties]

2. Detailed explanation of Windows file properties

Windows disk partitions are formatted as either NTFS or FAT32. The general attributes of a file exist on both NTFS and FAT32 partitions; the security attributes of a file exist only on NTFS partitions.

2.1 Windows files - general properties

The GetFileAttributes function returns the general attributes of the specified file or directory.

Function prototype:

DWORD GetFileAttributes(LPCTSTR lpFileName);

Function parameters:

lpFileName: the name of the specified file or directory

Note: in the ANSI version, the path must not exceed MAX_PATH (260) characters.

Return value:

On success, the return value is the attributes of the file or directory: a DWORD bitmask containing one or more FILE_ATTRIBUTE_* flags;

On failure, the return value is INVALID_FILE_ATTRIBUTES (call GetLastError() for the reason).

Note on the GetFileAttributesEx function:

In addition to the attribute bitmask above, it also returns the file's creation time, last-access and last-write times, file size and other information.

The SetFileAttributes function sets the general attributes of a file or directory.

Function prototype:

BOOL SetFileAttributes(
    LPCTSTR lpFileName,
    DWORD   dwFileAttributes);

Function parameters:

lpFileName: input parameter, the file or directory whose attributes are to be set.

dwFileAttributes: a DWORD bitmask representing the file attributes in the file system; combine multiple attributes with the "|" operator.

Return value:

Returns a BOOL indicating success: nonzero on success, zero on failure.

According to MSDN, a file has 15 attributes in total. Which of them apply depends on the partition format of the disk.

[Table (image): Windows file attribute return values]

The attributes marked in orange are the attributes common to files on Windows, among which "read only", "hidden", "system" and "archive" are the four basic file attributes. "Compressed", "content indexed" and "encrypted" exist only on NTFS partitions.

2.2 Windows files - Security Attributes

In Windows NT, users are organised into groups, and groups have different permissions; of course, users within a group can also have different permissions. The common user groups in NT are described below.

Administrators: the administrators group. By default, members of Administrators have unrestricted full access to the computer or domain. The default permissions assigned to this group allow full control of the entire system, so only trusted people should be members of this group.

Power Users: the advanced users group. Power Users can perform any operating-system task except those reserved for the Administrators group. The default permissions assigned to the Power Users group allow its members to modify settings for the entire computer. However, Power Users do not have permission to add themselves to the Administrators group. In the permission hierarchy, this group is second only to Administrators.

Users: the ordinary user group. Members of this group are prevented from making intentional or unintentional system-wide changes. As a result, Users can run certified applications but not most legacy applications. The Users group is the most secure group because its default permissions do not allow members to modify operating-system settings or other users' data, so it provides the most secure environment for running programs. On NTFS-formatted volumes, the default security settings are designed to prevent members of this group from compromising the integrity of the operating system and installed programs. Users cannot modify system registry settings, operating-system files or program files. Users can shut down a workstation but not a server. Users can create local groups, but can modify only the local groups they created.

Guests: the guest group. By default, Guests have the same access rights as members of the ordinary Users group, but the guest account has more restrictions.

Everyone: all users; every user on this computer belongs to this group.

The following table shows the security information that can be read and written through Windows API functions for the common types of securable objects.

[Table (image): Security information of the various types of Windows securable objects]

2.2.1 Read file security attributes

The GetNamedSecurityInfo() function retrieves the security information of the specified file or directory.

Function prototype:

DWORD GetNamedSecurityInfo(
    LPTSTR                pObjectName,          // object name (the path, for SE_FILE_OBJECT)
    SE_OBJECT_TYPE        ObjectType,           // object type
    SECURITY_INFORMATION  SecurityInfo,         // which parts to fetch: OWNER_/GROUP_/DACL_/SACL_SECURITY_INFORMATION
    PSID                 *ppsidOwner,           // receives the owner SID (may be NULL)
    PSID                 *ppsidGroup,           // receives the primary group SID (may be NULL)
    PACL                 *ppDacl,               // receives the DACL (may be NULL)
    PACL                 *ppSacl,               // receives the SACL (may be NULL)
    PSECURITY_DESCRIPTOR *ppSecurityDescriptor  // receives the security descriptor; the pointers above point into it, free it with LocalFree
);

Return value:

Returns a DWORD error code indicating whether the call succeeded: ERROR_SUCCESS (0) on success, otherwise a Win32 error code.

==============================================================

Example:

PACL pOldDacl = NULL;                          // will point at the file's current DACL
std::string file_path = "D:\\dandao\\1.txt";   // backslashes must be doubled in a C++ string literal
PSECURITY_DESCRIPTOR pSID = NULL;              // despite the name, this receives the security descriptor, not a SID
DWORD dRet;

dRet = GetNamedSecurityInfo((LPTSTR)UTWS(file_path),   // UTWS: the author's narrow-to-wide string helper (not shown here)
    SE_FILE_OBJECT,                // the object is a file
    DACL_SECURITY_INFORMATION,     // request only the DACL
    NULL, NULL, &pOldDacl, NULL, &pSID);   // the DACL pointer is stored in pOldDacl; it points into the buffer returned in pSID
if (dRet != ERROR_SUCCESS) return dRet;    // e.g. ERROR_FILE_NOT_FOUND, or ERROR_ACCESS_DENIED when the caller lacks READ_CONTROL

// ... inspect pOldDacl here; it is valid only while pSID is alive ...

LocalFree(pSID);   // frees the descriptor and, with it, pOldDacl
return OK;

=============================================================

2.2.2 Write file security attributes

The SetNamedSecurityInfo() function sets the security information of the specified file or directory.

Function prototype:

DWORD SetNamedSecurityInfo(
    LPTSTR               pObjectName,   // object name (the path, for SE_FILE_OBJECT)
    SE_OBJECT_TYPE       ObjectType,    // object type
    SECURITY_INFORMATION SecurityInfo,  // which parts to set: OWNER_/GROUP_/DACL_/SACL_SECURITY_INFORMATION
    PSID                 psidOwner,     // new owner SID, or NULL
    PSID                 psidGroup,     // new primary group SID, or NULL
    PACL                 pDacl,         // new DACL, or NULL
    PACL                 pSacl          // new SACL, or NULL
);
// Note: unlike GetNamedSecurityInfo, the owner, group, DACL and SACL are passed
// directly (7 parameters) and there is no security-descriptor parameter.

Return value:

Returns a DWORD error code indicating whether the call succeeded: ERROR_SUCCESS (0) on success, otherwise a Win32 error code.

2.2.3 Modify file security attributes

Windows API call sequence: GetNamedSecurityInfo() -> fill in an EXPLICIT_ACCESS entry ->
SetEntriesInAcl() -> SetNamedSecurityInfo() -> free the new DACL and the security descriptor.

==============================================================

Example:

PACL pOldDacl = NULL;
PACL pNewDacl = NULL;
DWORD dRet;
std::string file_path = "D:\\dandao\\1.txt";   // backslashes must be doubled in a C++ string literal
EXPLICIT_ACCESS eia;
PSECURITY_DESCRIPTOR pSID = NULL;              // receives the security descriptor that owns pOldDacl

dRet = GetNamedSecurityInfo((LPTSTR)UTWS(file_path),   // UTWS: the author's narrow-to-wide string helper (not shown here)
    SE_FILE_OBJECT,                // the object is a file
    DACL_SECURITY_INFORMATION,     // read the current DACL
    NULL, NULL, &pOldDacl, NULL, &pSID);
if (dRet != ERROR_SUCCESS) return dRet;        // nothing has been allocated yet

// Build one ACE describing the change; SetEntriesInAcl will merge it into the existing DACL
ZeroMemory(&eia, sizeof(EXPLICIT_ACCESS));
eia.grfAccessPermissions = 0x1F01FF;   // 0x1F01FF: full control (FILE_ALL_ACCESS); 0x1200A9: read and execute;
                                       // 0x1701BF: read, write, execute and modify. Note that 0x1F01FF and
                                       // 0x1701BF both include WRITE_DAC, so the grantee may rewrite this DACL.
eia.grfAccessMode = GRANT_ACCESS;      // add an allow ACE
eia.grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT;   // inheritance flags (only matter on directories)
eia.Trustee.TrusteeForm = TRUSTEE_IS_NAME;   // identify the trustee by account name
eia.Trustee.ptstrName = L"everyone";         // the field is ptstrName; the wide literal assumes a UNICODE build

// Merge the new ACE into the old DACL; pNewDacl receives a freshly LocalAlloc'd ACL
dRet = SetEntriesInAcl(1, &eia, pOldDacl, &pNewDacl);
if (dRet != ERROR_SUCCESS) goto cleanup;     // compare with ==, not = (an assignment here always returns early)

// Write the modified DACL back; only the DACL is replaced, owner, group and SACL are left untouched
dRet = SetNamedSecurityInfo((LPTSTR)UTWS(file_path),
    SE_FILE_OBJECT,
    DACL_SECURITY_INFORMATION,
    NULL, NULL, pNewDacl, NULL);   // 7 parameters: owner, group, DACL, SACL passed directly; needs WRITE_DAC on the file

cleanup:
// Release the new DACL and the security descriptor (pOldDacl lives inside pSID and is not freed separately)
if (pNewDacl) LocalFree(pNewDacl);
if (pSID)     LocalFree(pSID);
if (dRet != ERROR_SUCCESS) return dRet;
return OK;

=================================================================
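The bitmasks this article works with, the FILE_ATTRIBUTE_* word of section 2.1 and the grfAccessPermissions values 0x1F01FF / 0x1200A9 / 0x1701BF in the example above, are easier to reason about once decoded into their named bits. The following C++ helper is an added example, not code from the article; it redeclares the documented Win32 constant values so that it also builds without <windows.h>, and it shows that the "modifiable" mask 0x1701BF, like FILE_ALL_ACCESS, already carries WRITE_DAC.

```cpp
// Added example (not the article's code): decode the FILE_ATTRIBUTE_* word
// returned by GetFileAttributes() and the access mask placed in
// EXPLICIT_ACCESS.grfAccessPermissions (0x1F01FF, 0x1200A9, 0x1701BF).
// Portable C++17; the constants are the documented Win32 values.
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

struct Bit { uint32_t value; const char* name; };

// FILE_ATTRIBUTE_* flags (general attributes, section 2.1)
static const std::vector<Bit> kFileAttributes = {
    {0x0001, "READONLY"},      {0x0002, "HIDDEN"},     {0x0004, "SYSTEM"},    {0x0010, "DIRECTORY"},
    {0x0020, "ARCHIVE"},       {0x0080, "NORMAL"},     {0x0100, "TEMPORARY"}, {0x0200, "SPARSE_FILE"},
    {0x0400, "REPARSE_POINT"}, {0x0800, "COMPRESSED"}, {0x1000, "OFFLINE"},
    {0x2000, "NOT_CONTENT_INDEXED"}, {0x4000, "ENCRYPTED"},
};

// File-specific rights (low 16 bits) and standard rights (bits 16-20), section 2.2.3
static const std::vector<Bit> kFileRights = {
    {0x0001, "FILE_READ_DATA"},    {0x0002, "FILE_WRITE_DATA"},      {0x0004, "FILE_APPEND_DATA"},      {0x0008, "FILE_READ_EA"},
    {0x0010, "FILE_WRITE_EA"},     {0x0020, "FILE_EXECUTE"},         {0x0040, "FILE_DELETE_CHILD"},     {0x0080, "FILE_READ_ATTRIBUTES"},
    {0x0100, "FILE_WRITE_ATTRIBUTES"}, {0x10000, "DELETE"},          {0x20000, "READ_CONTROL"},         {0x40000, "WRITE_DAC"},
    {0x80000, "WRITE_OWNER"},      {0x100000, "SYNCHRONIZE"},
};

// Names of the bits of `mask` present in `table`, in table order; bits the table
// does not cover (e.g. GENERIC_* rights, 0x80000000 and below) are appended as hex.
std::vector<std::string> Decode(uint32_t mask, const std::vector<Bit>& table) {
    std::vector<std::string> out;
    uint32_t known = 0;
    for (const Bit& b : table)
        if (mask & b.value) { out.push_back(b.name); known |= b.value; }
    if (uint32_t rest = mask & ~known) {
        char buf[16];
        std::snprintf(buf, sizeof buf, "0x%X", static_cast<unsigned>(rest));
        out.push_back(buf);
    }
    return out;
}

std::vector<std::string> DecodeAttributes(uint32_t attrs) { return Decode(attrs, kFileAttributes); }
std::vector<std::string> DecodeAccessMask(uint32_t mask)  { return Decode(mask, kFileRights); }

// WRITE_DAC lets the grantee rewrite the DACL and WRITE_OWNER lets it take ownership.
// Both 0x1F01FF (FILE_ALL_ACCESS) and 0x1701BF ("modifiable") carry WRITE_DAC, so a
// grant of either to "everyone" lets any user change the file's protection afterwards.
bool GrantsAclControl(uint32_t mask) { return (mask & (0x40000u | 0x80000u)) != 0; }
```

Run DecodeAccessMask() over each ACE's mask before calling SetNamedSecurityInfo(): a broad trustee with GrantsAclControl() true is the case worth a second look.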

Keywords: Windows

Added by floR on Tue, 14 Dec 2021 07:53:20 +0200