1 files changed, 51 insertions, 0 deletions
diff --git a/src/wixnative/resetacls.cpp b/src/wixnative/resetacls.cpp
new file mode 100644
index 00000000..8c5bdc56
--- /dev/null
+++ b/src/wixnative/resetacls.cpp
@@ -0,0 +1,51 @@
+// Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information.
+#include "precomp.h"
+HRESULT ResetAclsCommand(int argc, LPWSTR argv[])
+{
+    Unused(argc);
+    Unused(argv);
+    HRESULT hr = S_OK;
+    ACL* pacl = NULL;
+    DWORD cbAcl = sizeof(ACL);
+    LPWSTR sczFilePath = NULL;
+    // create an empty (not NULL!) ACL to use on all the files
+    pacl = static_cast<ACL*>(MemAlloc(cbAcl, FALSE));
+    ConsoleExitOnNull(pacl, hr, E_OUTOFMEMORY, CONSOLE_COLOR_RED, "failed to allocate ACL");
+#pragma prefast(push)
+#pragma prefast(disable:25029)
+    if (!::InitializeAcl(pacl, cbAcl, ACL_REVISION))
+#pragma prefast(op)
+    {
+        ConsoleExitOnLastError(hr, CONSOLE_COLOR_RED, "failed to initialize ACL");
+    }
+    // Reset the existing security permissions on each provided file.
+    for (;;)
+    {
+        hr = ConsoleReadW(&sczFilePath);
+        ConsoleExitOnFailure(hr, CONSOLE_COLOR_RED, "failed to read file path from stdin");
+        if (!*sczFilePath)
+        {
+            break;
+        }
+        hr = ::SetNamedSecurityInfoW(sczFilePath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION, NULL, NULL, pacl, NULL);
+        if (ERROR_FILE_NOT_FOUND != hr && ERROR_PATH_NOT_FOUND != hr)
+        {
+            ConsoleExitOnFailure(hr = HRESULT_FROM_WIN32(hr), CONSOLE_COLOR_RED, "failed to set security descriptor for file: %ls", sczFilePath);
+        }
+    }
+    AssertSz(::IsValidAcl(pacl), "ResetAcls() - created invalid ACL");
+LExit:
+    ReleaseStr(sczFilePath);
+    ReleaseMem(pacl);
+    return hr;
+}

diff --git a/src/wixnative/resetacls.cpp b/src/wixnative/resetacls.cpp new file mode 100644 index 00000000..8c5bdc56 --- /dev/null +++ b/src/wixnative/resetacls.cpp
@@ -0,0 +1,51 @@
	1	// Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information.
	2
	3	#include "precomp.h"
	4
	5	HRESULT ResetAclsCommand(int argc, LPWSTR argv[])
	6	{
	7	Unused(argc);
	8	Unused(argv);
	9
	10	HRESULT hr = S_OK;
	11	ACL* pacl = NULL;
	12	DWORD cbAcl = sizeof(ACL);
	13	LPWSTR sczFilePath = NULL;
	14
	15	// create an empty (not NULL!) ACL to use on all the files
	16	pacl = static_cast<ACL*>(MemAlloc(cbAcl, FALSE));
	17	ConsoleExitOnNull(pacl, hr, E_OUTOFMEMORY, CONSOLE_COLOR_RED, "failed to allocate ACL");
	18
	19	#pragma prefast(push)
	20	#pragma prefast(disable:25029)
	21	if (!::InitializeAcl(pacl, cbAcl, ACL_REVISION))
	22	#pragma prefast(op)
	23	{
	24	ConsoleExitOnLastError(hr, CONSOLE_COLOR_RED, "failed to initialize ACL");
	25	}
	26
	27	// Reset the existing security permissions on each provided file.
	28	for (;;)
	29	{
	30	hr = ConsoleReadW(&sczFilePath);
	31	ConsoleExitOnFailure(hr, CONSOLE_COLOR_RED, "failed to read file path from stdin");
	32
	33	if (!*sczFilePath)
	34	{
	35	break;
	36	}
	37
	38	hr = ::SetNamedSecurityInfoW(sczFilePath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION \| UNPROTECTED_DACL_SECURITY_INFORMATION, NULL, NULL, pacl, NULL);
	39	if (ERROR_FILE_NOT_FOUND != hr && ERROR_PATH_NOT_FOUND != hr)
	40	{
	41	ConsoleExitOnFailure(hr = HRESULT_FROM_WIN32(hr), CONSOLE_COLOR_RED, "failed to set security descriptor for file: %ls", sczFilePath);
	42	}
	43	}
	44
	45	AssertSz(::IsValidAcl(pacl), "ResetAcls() - created invalid ACL");
	46
	47	LExit:
	48	ReleaseStr(sczFilePath);
	49	ReleaseMem(pacl);
	50	return hr;
	51	}