1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
// Copyright (c) .NET Foundation and contributors. All rights reserved. Licensed under the Microsoft Reciprocal License. See LICENSE.TXT file in the project root for full license information.
#include "precomp.h"
HRESULT ResetAclsCommand(int argc, LPWSTR argv[])
{
Unused(argc);
Unused(argv);
HRESULT hr = S_OK;
ACL* pacl = NULL;
DWORD cbAcl = sizeof(ACL);
LPWSTR sczFilePath = NULL;
// create an empty (not NULL!) ACL to use on all the files
pacl = static_cast<ACL*>(MemAlloc(cbAcl, FALSE));
ConsoleExitOnNull(pacl, hr, E_OUTOFMEMORY, CONSOLE_COLOR_RED, "failed to allocate ACL");
#pragma prefast(push)
#pragma prefast(disable:25029)
if (!::InitializeAcl(pacl, cbAcl, ACL_REVISION))
#pragma prefast(op)
{
ConsoleExitOnLastError(hr, CONSOLE_COLOR_RED, "failed to initialize ACL");
}
// Reset the existing security permissions on each provided file.
for (;;)
{
hr = ConsoleReadW(&sczFilePath);
ConsoleExitOnFailure(hr, CONSOLE_COLOR_RED, "failed to read file path from stdin");
if (!*sczFilePath)
{
break;
}
hr = ::SetNamedSecurityInfoW(sczFilePath, SE_FILE_OBJECT, DACL_SECURITY_INFORMATION | UNPROTECTED_DACL_SECURITY_INFORMATION, NULL, NULL, pacl, NULL);
if (ERROR_FILE_NOT_FOUND != hr && ERROR_PATH_NOT_FOUND != hr)
{
ConsoleExitOnFailure(hr = HRESULT_FROM_WIN32(hr), CONSOLE_COLOR_RED, "failed to set security descriptor for file: %ls", sczFilePath);
}
}
AssertSz(::IsValidAcl(pacl), "ResetAcls() - created invalid ACL");
LExit:
ReleaseStr(sczFilePath);
ReleaseMem(pacl);
return hr;
}
|