Re: read only folder on Windows

As I already gave you the algorithm, I fail to see what would you
need a sample for. Do you want me to map the functions to the
steps in the algorithm? I expected that part to be self-explanatory
from the function names...

Note, you can't reasonably expect a sample to exist for every little
problem you encounter, would you?

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://vcfaq.mvps.org
=====================================

"George" <George@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5A08B134-7843-4CE4-9A00-FCA1D8296301@xxxxxxxxxxxxxxxx
Thanks Alexander,


I have read the API documents from MSDN and also the sample,

http://msdn2.microsoft.com/en-us/library/aa379608.aspx

But I find the sample is not quite clear to understand since it mixed a
couple of other concepts. Do you have recommendations for other samples
which
is more clear to understand access control for folder?


regards,
George

"Alexander Nickolov" wrote:

Well, here are some fuinctions for manipulating file object security
(in this case the object is a FS folder):

GetFileSecurity
SetFileSecurity
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
CreateWellKnownSid
AddAce

The algorithm is simple:
1. Get the folder security descriptor (SD)
2. Get the DACL from the SD
3. Create the well-known SID for everyone (WinWorldSid)
4. Add a deny ACE to the DACL
5. Update the DACL in the SD
6. Update the SD of the folder object

Of course you need to have permissions to change the folder
permissions (you likely need to be an administartor) to do that.

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://vcfaq.mvps.org
=====================================

"George" <George@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A6306A54-84E8-41C0-A2B3-5A63FEB4EDD5@xxxxxxxxxxxxxxxx
Hi Alexander,


Could you let me know whether this function (deny property) supports
Windows
XP? If yes, could you recommend some links of learning resources
please?


regards,
George

"Alexander Nickolov" wrote:

And to complete Larry's reply, you can also set folder security
attributes programmatically. I'd do it by adding a deny entry
for write for the everyone. Note this will prevent you from
adding new files or deleting existing files in the folder. It may
not prevent you from editing the individual files (I'm not 100%
cetain on this one though - you should test as the existing files
may get it as inherited ACE...).

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://vcfaq.mvps.org
=====================================

"Larry Smith" <no_spam@xxxxxxxxxxx> wrote in message
news:OqXKF27HIHA.5764@xxxxxxxxxxxxxxxxxxxxxxx
The read-only attribute on a folder simply means you can't delete
the
folder itself. If you want to prevent someone from creating
files/folders
beneath it then you have to change its security. On the same
property
*** where you set its read-only attribute, choose the "Security"
tab
instead. You can Google for the details of how to actually make the
folder
"read-only". You should also heed Alexander's advice and test with a
real
CD as well (or whatever read-only media you're using). In practice
your
code should behave the same in both cases (usually) but you never
know
what differences you might encounter until you actually try it.









.

Loading