Create Shared Folder with Permission

delphi package - easy access to security apis

Create Shared Folder with Permission

Postby fpj » Tue May 26, 2015 6:42 pm

Hello,

I am a registered user of MadCodeHook. Today I need to create a shared folder, with permission (read/write) for only one specific user. Other users cannot have permission to open or write to this folder. I am trying using madSecurity like this, without success:

NewShare('c:\test', 'shared_test').Acl.SetFileAccess(Account('Admin'), True);
FileSecurity('c:\test').DAcl.SetFileAccess(Account('Everyone'), False);

Maybe I am missing something... Please, can you give me some tips?


Thanks! Regards,

Fabio
fpj
 
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Re: Create Shared Folder with Permission

Postby madshi » Wed May 27, 2015 7:33 am

What does "without success" mean exactly? Does your keyboard turn into dust in the moment when you try? Do you get a bluescreen? Does your harddrive get formatted? Some more details would be helpful.

Is there really a user named exactly 'Admin'? Instead of Account('Everyone') please use "Everyone()". The correct user name is not "Everyone" on any language other than English. The function "Everyone()" works on all OS languages.

Does the folder "c:\test" already exist? NewShare() does not create the folder. You need to create the folder before you use NewShare or FileSecurity.
madshi
Site Admin
 
Posts: 9645
Joined: Sun Mar 21, 2004 5:25 pm

Re: Create Shared Folder with Permission

Postby fpj » Wed May 27, 2015 12:41 pm

Thanks for reply Madshi,

The folder "c:\test" was created before the tests. The user 'Admin' is one of the users account.

The goal is to set full permissions for this user 'Admin' to read/write the 'c:\test' folder, and deny permissions for all other users.

NewShare can create the share and add permission for 'Admin', but all other users have all permissions too.

I found this post viewtopic.php?f=8&t=2906 (from 2006) and will try to follow the tips.

If you have updated tips, please let me know!


Thanks! Regards,

Fabio
fpj
 
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Re: Create Shared Folder with Permission

Postby madshi » Wed May 27, 2015 12:59 pm

SetFileAccess will only change things for that one user. If you want to delete access for all other users first, try this:

Code: Select all
with NewShare(...).Acl do
begin
  Clear();
  SetFileAccess(Account('Admin'), True);
end;

And the NTFS security is quite complicated. E.g. the DAcl might inherit stuff from the parent. You can set "ProtectedDAcl := true" to make the DAcl not inherit anything from the parent.
madshi
Site Admin
 
Posts: 9645
Joined: Sun Mar 21, 2004 5:25 pm

Re: Create Shared Folder with Permission

Postby fpj » Thu May 28, 2015 5:20 pm

Hi Madshi,

Following your tip I could create the shared folder and the 'allow' permission to the user 'Admin'. But I didn't understand yet how to 'deny' permission to other users. Seems I need more information about Windows NTFS and share permissions / security... So, first I will do more research about this, so I can try again and ask the right questions here.

Thank you again. Best regards,

Fabio
fpj
 
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Re: Create Shared Folder with Permission

Postby madshi » Thu May 28, 2015 7:55 pm

See "Clear" and "ProtectedDAcl".
madshi
Site Admin
 
Posts: 9645
Joined: Sun Mar 21, 2004 5:25 pm


Return to madSecurity

Who is online

Users browsing this forum: No registered users and 1 guest

cron