Create Shared Folder with Permission

delphi package - easy access to security apis
Post Reply
fpj
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Create Shared Folder with Permission

Post by fpj »

Hello,

I am a registered user of MadCodeHook. Today I need to create a shared folder, with permission (read/write) for only one specific user. Other users cannot have permission to open or write to this folder. I am trying using madSecurity like this, without success:

NewShare('c:\test', 'shared_test').Acl.SetFileAccess(Account('Admin'), True);
FileSecurity('c:\test').DAcl.SetFileAccess(Account('Everyone'), False);

Maybe I am missing something... Please, can you give me some tips?


Thanks! Regards,

Fabio
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Re: Create Shared Folder with Permission

Post by madshi »

What does "without success" mean exactly? Does your keyboard turn into dust in the moment when you try? Do you get a bluescreen? Does your harddrive get formatted? Some more details would be helpful.

Is there really a user named exactly 'Admin'? Instead of Account('Everyone') please use "Everyone()". The correct user name is not "Everyone" on any language other than English. The function "Everyone()" works on all OS languages.

Does the folder "c:\test" already exist? NewShare() does not create the folder. You need to create the folder before you use NewShare or FileSecurity.
fpj
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Re: Create Shared Folder with Permission

Post by fpj »

Thanks for reply Madshi,

The folder "c:\test" was created before the tests. The user 'Admin' is one of the users account.

The goal is to set full permissions for this user 'Admin' to read/write the 'c:\test' folder, and deny permissions for all other users.

NewShare can create the share and add permission for 'Admin', but all other users have all permissions too.

I found this post viewtopic.php?f=8&t=2906 (from 2006) and will try to follow the tips.

If you have updated tips, please let me know!


Thanks! Regards,

Fabio
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Re: Create Shared Folder with Permission

Post by madshi »

SetFileAccess will only change things for that one user. If you want to delete access for all other users first, try this:

Code: Select all

with NewShare(...).Acl do
begin
  Clear();
  SetFileAccess(Account('Admin'), True);
end;
And the NTFS security is quite complicated. E.g. the DAcl might inherit stuff from the parent. You can set "ProtectedDAcl := true" to make the DAcl not inherit anything from the parent.
fpj
Posts: 5
Joined: Tue May 26, 2015 5:52 pm

Re: Create Shared Folder with Permission

Post by fpj »

Hi Madshi,

Following your tip I could create the shared folder and the 'allow' permission to the user 'Admin'. But I didn't understand yet how to 'deny' permission to other users. Seems I need more information about Windows NTFS and share permissions / security... So, first I will do more research about this, so I can try again and ask the right questions here.

Thank you again. Best regards,

Fabio
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Re: Create Shared Folder with Permission

Post by madshi »

See "Clear" and "ProtectedDAcl".
Post Reply