当前位置: 首页 > 面试题库 >

如何在没有pywin32的情况下使用python确定Windows上的文件所有者

万选
2023-03-14
问题内容

我正在编写一个脚本,该脚本需要确定Windows上文件所有者的用户名。

虽然我找到了使用pywin32的解决方案,但是由于我不想添加模块依赖项,因此我很犹豫使用它。

该脚本将为python 2.6编写,并且必须同时在32位和64位平台上运行。

我想知道是否有其他方法(也许使用ctypes)来确定此信息


问题答案:

以下使用ctypes进行调用GetNamedSecurityInfo。最初,它遵循问题中链接的代码片段,但GetNamedSecurityInfo通常比有用GetFileSecurity,尤其是因为它与SetNamedSecurityInfo代替过时的功能配对时特别有用SetFileSecurity

ctypes和类

import ctypes as ctypes
from ctypes import wintypes as wintypes

kernel32 = ctypes.WinDLL('kernel32', use_last_error=True)
advapi32 = ctypes.WinDLL('advapi32', use_last_error=True)

ERROR_INVALID_FUNCTION  = 0x0001
ERROR_FILE_NOT_FOUND    = 0x0002
ERROR_PATH_NOT_FOUND    = 0x0003
ERROR_ACCESS_DENIED     = 0x0005
ERROR_SHARING_VIOLATION = 0x0020

SE_FILE_OBJECT = 1
OWNER_SECURITY_INFORMATION = 0x00000001
GROUP_SECURITY_INFORMATION = 0x00000002
DACL_SECURITY_INFORMATION  = 0x00000004
SACL_SECURITY_INFORMATION  = 0x00000008
LABEL_SECURITY_INFORMATION = 0x00000010

_DEFAULT_SECURITY_INFORMATION = (OWNER_SECURITY_INFORMATION |
    GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION |
    LABEL_SECURITY_INFORMATION)

LPDWORD = ctypes.POINTER(wintypes.DWORD)
SE_OBJECT_TYPE = wintypes.DWORD
SECURITY_INFORMATION = wintypes.DWORD

class SID_NAME_USE(wintypes.DWORD):
    _sid_types = dict(enumerate('''
        User Group Domain Alias WellKnownGroup DeletedAccount
        Invalid Unknown Computer Label'''.split(), 1))

    def __init__(self, value=None):
        if value is not None:
            if value not in self.sid_types:
                raise ValueError('invalid SID type')
            wintypes.DWORD.__init__(value)

    def __str__(self):
        if self.value not in self._sid_types:
            raise ValueError('invalid SID type')
        return self._sid_types[self.value]

    def __repr__(self):
        return 'SID_NAME_USE(%s)' % self.value

PSID_NAME_USE = ctypes.POINTER(SID_NAME_USE)

class PLOCAL(wintypes.LPVOID):
    _needs_free = False
    def __init__(self, value=None, needs_free=False):
        super(PLOCAL, self).__init__(value)
        self._needs_free = needs_free

    def __del__(self):
        if self and self._needs_free:
            kernel32.LocalFree(self)
            self._needs_free = False

PACL = PLOCAL

class PSID(PLOCAL):
    def __init__(self, value=None, needs_free=False):
        super(PSID, self).__init__(value, needs_free)

    def __str__(self):
        if not self:
            raise ValueError('NULL pointer access')
        sid = wintypes.LPWSTR()
        advapi32.ConvertSidToStringSidW(self, ctypes.byref(sid))
        try:
            return sid.value
        finally:
            if sid:
                kernel32.LocalFree(sid)

class PSECURITY_DESCRIPTOR(PLOCAL):
    def __init__(self, value=None, needs_free=False):
        super(PSECURITY_DESCRIPTOR, self).__init__(value, needs_free)
        self.pOwner = PSID()
        self.pGroup = PSID()
        self.pDacl = PACL()
        self.pSacl = PACL()
        # back references to keep this object alive
        self.pOwner._SD = self
        self.pGroup._SD = self
        self.pDacl._SD = self
        self.pSacl._SD = self

    def get_owner(self, system_name=None):
        if not self or not self.pOwner:
            raise ValueError('NULL pointer access')
        return look_up_account_sid(self.pOwner, system_name)

    def get_group(self, system_name=None):
        if not self or not self.pGroup:
            raise ValueError('NULL pointer access')
        return look_up_account_sid(self.pGroup, system_name)

def _check_bool(result, func, args):
    if not result:
        raise ctypes.WinError(ctypes.get_last_error())
    return args

# msdn.microsoft.com/en-us/library/aa376399
advapi32.ConvertSidToStringSidW.errcheck = _check_bool
advapi32.ConvertSidToStringSidW.argtypes = (
    PSID, # _In_   Sid
    ctypes.POINTER(wintypes.LPWSTR)) # _Out_ StringSid

# msdn.microsoft.com/en-us/library/aa379166
advapi32.LookupAccountSidW.errcheck = _check_bool
advapi32.LookupAccountSidW.argtypes = (
    wintypes.LPCWSTR, # _In_opt_  lpSystemName
    PSID,             # _In_      lpSid
    wintypes.LPCWSTR, # _Out_opt_ lpName
    LPDWORD,          # _Inout_   cchName
    wintypes.LPCWSTR, # _Out_opt_ lpReferencedDomainName
    LPDWORD,          # _Inout_   cchReferencedDomainName
    PSID_NAME_USE)    # _Out_     peUse

# msdn.microsoft.com/en-us/library/aa446645
advapi32.GetNamedSecurityInfoW.restype = wintypes.DWORD
advapi32.GetNamedSecurityInfoW.argtypes = (
    wintypes.LPWSTR,       # _In_      pObjectName
    SE_OBJECT_TYPE,        # _In_      ObjectType
    SECURITY_INFORMATION,  # _In_      SecurityInfo
    ctypes.POINTER(PSID),  # _Out_opt_ ppsidOwner
    ctypes.POINTER(PSID),  # _Out_opt_ ppsidGroup
    ctypes.POINTER(PACL),  # _Out_opt_ ppDacl
    ctypes.POINTER(PACL),  # _Out_opt_ ppSacl
    ctypes.POINTER(PSECURITY_DESCRIPTOR)) # _Out_opt_ ppSecurityDescriptor

职能

def look_up_account_sid(sid, system_name=None):
    SIZE = 256
    name = ctypes.create_unicode_buffer(SIZE)
    domain = ctypes.create_unicode_buffer(SIZE)
    cch_name = wintypes.DWORD(SIZE)
    cch_domain = wintypes.DWORD(SIZE)
    sid_type = SID_NAME_USE()
    advapi32.LookupAccountSidW(system_name, sid, name, ctypes.byref(cch_name),
        domain, ctypes.byref(cch_domain), ctypes.byref(sid_type))
    return name.value, domain.value, sid_type

def get_file_security(filename, request=_DEFAULT_SECURITY_INFORMATION):
    # N.B. This query may fail with ERROR_INVALID_FUNCTION
    # for some filesystems.
    pSD = PSECURITY_DESCRIPTOR(needs_free=True)
    error = advapi32.GetNamedSecurityInfoW(filename, SE_FILE_OBJECT, request,
                ctypes.byref(pSD.pOwner), ctypes.byref(pSD.pGroup),
                ctypes.byref(pSD.pDacl), ctypes.byref(pSD.pSacl),
                ctypes.byref(pSD))
    if error != 0:
        raise ctypes.WinError(error)
    return pSD

用法示例

if __name__ == '__main__':
    import os, sys

    if len(sys.argv) < 2:
        script_name = os.path.basename(__file__)
        sys.exit('usage: {} filename'.format(script_name))

    filename = sys.argv[1]
    if isinstance(filename, bytes):
        if hasattr(os, 'fsdecode'):
            filename = os.fsdecode(filename)
        else:
            filename = filename.decode(sys.getfilesystemencoding())

    pSD = get_file_security(filename)
    owner_name, owner_domain, owner_sid_type = pSD.get_owner()
    if owner_domain:
        owner_name = '{}\\{}'.format(owner_domain, owner_name)

    print("Path : {}".format(filename))
    print("Owner: {} ({})".format(owner_name, owner_sid_type))
    print("SID  : {}".format(pSD.pOwner))

示例输出

Path : C:\Users
Owner: NT AUTHORITY\SYSTEM (WellKnownGroup)
SID  : S-1-5-18

Path : C:\ProgramData
Owner: NT AUTHORITY\SYSTEM (WellKnownGroup)
SID  : S-1-5-18

Path : C:\Program Files
Owner: NT SERVICE\TrustedInstaller (WellKnownGroup)
SID  : S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464

Path : C:\Windows
Owner: NT SERVICE\TrustedInstaller (WellKnownGroup)
SID  : S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464


 类似资料:
  • 问题内容: 我怎么能包括为没有MANIFEST.in文件? 我的setup.py看起来像这样: 版本: 我就是无法加入。 还是此博客文章仍然正确? http://blog.codekills.net/2011/07/15/lies,-more-lies-and-python-packaging- documentation-on– package_data-/ 不过,在过去的一个小时中,我了解到这

  • 本文向大家介绍如何在没有ON条件的情况下使用MySQL JOIN?,包括了如何在没有ON条件的情况下使用MySQL JOIN?的使用技巧和注意事项,需要的朋友参考一下 我们可以不加条件地使用“交叉连接”。交叉联接以笛卡尔积形式给出结果。例如,如果一个表中有3条记录,而另一个表中有2条记录,则第一个记录将与所有第二个表记录匹配。然后,将重复相同的过程以进行第二次记录,依此类推。 交叉连接的例子 创建

  • 因此,基本上我正在尝试使用scrapinghub的Crawlera代理,并在windows上使用python的selenium chrome。 我检查了留档,他们建议这样使用Polipo: 1)在 /etc/polipo/config中添加以下行 2) 将此添加到selenium驱动程序 现在我想不使用脊髓灰质炎,直接使用代理。 有没有办法替换polipo_proxy变量并将其更改为crawler

  • 问题内容: 我从Vaadin开始,我想知道在不使用maven的情况下在NetBeans中使用此框架是否可行。原因是使用maven的项目需要很长时间才能下载依赖项,并且由于超时连接问题而无法运行。 我已经下载了“多合一”文件,并尝试按照这些README.txt文件的说明进行操作: 将除vaadin-client和vaadin-client-compiler以外的所有vaadin- *文件复制到项目中

  • 我正在玩grpc 有人成功使用进行生产吗?我们需要包括特使在内的所有依赖项吗?