Board index » cppbuilder » Is manipulating NT permissions supposed to be hard?

2005-12-22 12:09:42 PM
cppbuilder50
Hi NG,
Can someone explain to me why it seems that I must write hundreds of lines
of code to perform the following three simple functions... Maybe I am doing
this all wrong....
1. Check if the current user has sufficient permissions to write to, delete
and create a file in a particular location.
2. Check if the current user has sufficient permissions to write to, delete
and create registry keys in a particular location.
3. Grant all users permission to do above two things.
I am beginning to think that for #1 and #2 it might be easier to just simply
try these operations and assume if any of them fail - that sufficient
permissions do not exist for the current user. And for #3 it looks like all
I may need to do is set a NULL DACL for the object (several lines of code
but more manageable and less prone to error).
Can you point me at some sample C++ source that would help me simplify this?
I have found several sources myself - but delving inside - they all
immediately explode in a cacophony of low level security API that seems to
be waaaaay overboard for the three simple things I want to do... One source
I found seemed to do what I wanted - but it was over 1000 {*word*76}y lines -
just to do the first two things! Maybe MS never wanted this to be simple?
PS: I need to statically link in to a single module, so external modules
(like the "SetACL" ocx) are not appropriate.
Thanks.
Frustrated.
 

"Franco" < XXXX@XXXXX.COM >wrote in message
then there would be no point in implementing any security in the OS at all.
an operation fails due to permissions. But the operations could fail for
other reasons as well, so assuming that if an error is present then it
indicates insufficient permissions is not very accurate.
the permissions altogether.
Sample code has been posted many many times before.
at runtime if you want your application to run on Win9x/Me systems.
Gambit