Setting Read/Write access

delphi package - easy access to security apis
Post Reply
ScottC
Posts: 2
Joined: Sat Jul 11, 2009 4:13 pm

Setting Read/Write access

Post by ScottC »

How do I set rights on a folder to allow "Read" and "Write" access but not "List folder contents" or "Execute"?

Code: Select all

  With FileSecurity(Path).DACL do
    begin
      Clear;
      NewItem(Account('S-1-5-11'), GENERIC_All, atAllowed, [afObjectInherit, afContainerInherit]); 
    end;
I am able to set full rights with this code but I need to limit the users to have only read/write access.

I need the security to be like this.

Image
madshi
Site Admin
Posts: 10528
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Hello,

the problem with this is that the exact flag combination sometimes even differs between different OSs. Your best bet would be to configure a dummy folder the way you want it to be and then use madSecurity to list the contents of the ACL. That way you will know which flags the OS wants to have for the given configuration. You need to replace GENERIC_ALL with something else.
ScottC
Posts: 2
Joined: Sat Jul 11, 2009 4:13 pm

Post by ScottC »

Is there an example of how to list the contents of the ACL?
madshi
Site Admin
Posts: 10528
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

It's rather simple:

Code: Select all

with FileSecurity(Path).DACL do
  for i1 := 0 to ItemCount - 1 do
    ShowMessage(Items[i1].Account.Name + ' / ' + IntToHex(Items[i1].Access, 1));
Post Reply