当使用SE_LMSHARE调用Get/Set[Named]SecurityInfo时,ACE中特定类型的访问权限是如何解释的?
我猜我应该使用文件访问权限常量的目录版本,但这是记录在任何地方吗?
对于像我一样正在尝试设置Windows共享权限并偶然遇到这个老问题的其他人来说,我整理了以下内容:
[Flags]
public enum ACCESS_MASK : uint
{
READ_FILE = 0x000001, // 0b000000000000000000001, 1 << 0
WRITE_FILE = 0x000002, // 0b000000000000000000010, 1 << 1
CREATE_SUBDIR = 0x000004, // 0b000000000000000000100, 1 << 2
READ_EXT_ATTR = 0x000008, // 0b000000000000000001000, 1 << 3
WRITE_EXT_ATTR = 0x000010, // 0b000000000000000010000, 1 << 4
EXECUTE = 0x000020, // 0b000000000000000100000, 1 << 5
DELETE_DIR = 0x000040, // 0b000000000000001000000, 1 << 6
READ_FILE_ATTR = 0x000080, // 0b000000000000010000000, 1 << 7
WRITE_FILE_ATTR = 0x000100, // 0b000000000000100000000, 1 << 8
DELETE = 0x010000, // 0b000010000000000000000, 1 << 16
READ_SD = 0x020000, // 0b000100000000000000000, 1 << 17
WRITE_DACL = 0x040000, // 0b001000000000000000000, 1 << 18
WRITE_OWNER = 0x080000, // 0b010000000000000000000, 1 << 19
SYNCHRONIZE = 0x100000, // 0b100000000000000000000, 1 << 20
// 2 1
// 098765432109876543210
// These combinations of the above flags correspond to the preset control levels in the relevant Windows dialogs.
SHARE_READ = READ_FILE | READ_EXT_ATTR | EXECUTE | READ_FILE_ATTR | READ_SD | SYNCHRONIZE,
SHARE_CHANGE = SHARE_READ | WRITE_FILE | CREATE_SUBDIR | WRITE_EXT_ATTR | WRITE_FILE_ATTR | DELETE,
SHARE_FULL = SHARE_CHANGE | DELETE_DIR | WRITE_DACL | WRITE_OWNER
}
请注意,这不是一个详尽的列表-它包含了提供共享权限的三个Windows预设所需的最小标志子集(即上面的最后三个成员)。