473,722 Members | 2,458 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Security Descriptor and CoInitializeSec urity

I'd like to call pythoncom.CoIni tializeSecurity with a
PySecurityDescr iptor object to set the process-wide security values.
But I'm not able to find a way to let the code go through.

I have read MSDN and searched web, I've not been able to find answer. I
cooked a security descriptor like this (assume aces is a tuple of tuple
(access, sid) :

sd = win32security.S ECURITY_DESCRIP TOR()
sd.Initialize()
sd.SetSecurityD escriptorOwner( sid_owner, False)
sd.SetSecurityD escriptorGroup( sid_group, False)
# create DACL
dacl = win32security.A CL()
dacl.Initialize ()
for (access, acc_sid) in aces:
# Add ACE which is access and SID
dacl.AddAccessA llowedAce(win32 security.ACL_RE VISION, access,
isinstance(acc_ sid, (unicode, str)) and
win32security.C onvertStringSid ToSid(acc_sid) or acc_sid)

sd.SetDacl(True , dacl, False) # SetSecurityDesc riptorDacl
print sd.IsSelfRelati ve() # result is 1

The sd is a self relative one.
>From MSDN, after calling InitializeSecur ityDescriptor, the sd is
absolute sd, and CoInitializeSec urity needs absolute sd. Pythonwin has
not wrapped function like 'MakeAbsoluteSD '.

Has someone ever had same problem. Could you give a hint for solving
the problem. Thanks.

Regards

Dec 1 '06 #1
1 3230

Huayang Xia wrote:
I'd like to call pythoncom.CoIni tializeSecurity with a
PySecurityDescr iptor object to set the process-wide security values.
But I'm not able to find a way to let the code go through.

I have read MSDN and searched web, I've not been able to find answer. I
cooked a security descriptor like this (assume aces is a tuple of tuple
(access, sid) :

sd = win32security.S ECURITY_DESCRIP TOR()
sd.Initialize()
sd.SetSecurityD escriptorOwner( sid_owner, False)
sd.SetSecurityD escriptorGroup( sid_group, False)
# create DACL
dacl = win32security.A CL()
dacl.Initialize ()
for (access, acc_sid) in aces:
# Add ACE which is access and SID
dacl.AddAccessA llowedAce(win32 security.ACL_RE VISION, access,
isinstance(acc_ sid, (unicode, str)) and
win32security.C onvertStringSid ToSid(acc_sid) or acc_sid)

sd.SetDacl(True , dacl, False) # SetSecurityDesc riptorDacl
print sd.IsSelfRelati ve() # result is 1

The sd is a self relative one.
>>From MSDN, after calling InitializeSecur ityDescriptor, the sd is
absolute sd, and CoInitializeSec urity needs absolute sd. Pythonwin has
not wrapped function like 'MakeAbsoluteSD '.

Has someone ever had same problem. Could you give a hint for solving
the problem. Thanks.

Regards
PySECURITY_DESC RIPTOR's are always stored in self-relative format.
They should be converted automatically in the few places that require an
absolute SD, but looks like this one was missed.
Could you file a bug report on SourceForge ?
http://sourceforge.net/projects/pywin32/

Roger


----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Dec 2 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
2245
by: Luke Wojtow | last post by:
Hi all, http://bugs.mysql.com/bug.php?id=3779 Discussion about insecurity of mysql_pconnect in multi-server/multi-user environment.Can anyone explain what Hartmut Holzgraefe meant by "But even if close_on_exec were set on PHP->MySQL connections there would still be the risk of connection hijacking with PHP pconnect as any other piece of code executed within the web server context has access to the persistant connection. This especially...
9
6328
by: Clas Hortien | last post by:
Hello, i try to get access to a local virtual server object. I have a aspx page with a button and textbox, this is the code: public class WebForm1 : System.Web.UI.Page { protected System.Web.UI.WebControls.Button btnFillBox; protected System.Web.UI.WebControls.TextBox txtHost; protected System.Web.UI.WebControls.Label Label1;
10
1782
by: Jayme Pechan | last post by:
I wrote a very simply web application and I'm having all sorts of problems with the security getting in the way. All the web application does is load an out-of-process COM server that is running as a service. The code is here written for both a WinForm C# application (which works correctly) and a Web application (which does not work correctly): // C# application xtapisvrLib.XtapiConfig x = new xtapisvrLib.XtapiConfigClass(); ...
1
8702
by: Jan Nielsen | last post by:
In a C# application I'm using the NetShareGetInfo API function to get some information about a share. This is working all right. Now I want my application to be able to display the contents of the security descriptor as well. Using NetShareGetInfo I get a IntPtr (SECURITY_DESCRIPTOR*) to the security descriptor. I would like to convert this into an ActiveDs.IADsSecurityDescriptor.
1
2652
by: Danko Greiner | last post by:
Thanx Willy, this was very helpful. But i also need (and want to know) how to do this from code. Can you plase give me right topic in MSDN? is there good example? Thanx p.s. this is copy/paste from previous thread, don't ask why... "Grei" <danko.greinerREMOVE@zg.htnet.hr> wrote in message news:d1vihg$m3b$1@ss405.t-com.hr...
0
3832
by: ChrisWoodruff | last post by:
I have a C++ function in a COM object that I am trying to implement in VB.NET (the functionality, NOT the COM object, I want to remove the requirement for the COM DLL) I am an experienced VB programmer, but this is my first .NET app... Original Code (what I have been doing and works) VB6 (extra stuff removed for clarity) Set objWbem = CreateObject("WbemScripting.SWbemLocator") Set objSvc = objWbem.ConnectServer(ComputerName, "root")
2
1258
by: Yosh | last post by:
How do you validate a user that is currently logged in against a Security Descriptor to see if they have access to an object? Hope this makes sense. Thanks, Yosh
1
1541
by: Surfy wu | last post by:
HI all: Call poll() function at two threads, and the important is the two threads are waitting for the same socket descriptor . one of them is set POLLIN , the other is set POLLOUT. What i want to know is whether i should protect the socket descriptor by using lock. thanks advance
2
1480
by: Newsgroups | last post by:
Hi, I found some code from codeproject site using WMI in VC++. I have created a method having the following code in it. It works fine when I am running into "Admin" accound in Windows XP Pro while in "Restricted user account", its not able to run. It's giving error messsage "Could not enumerate" so it seems "pEnumObject" seems null or empty. Please help, Thanks in advance,
0
8867
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8740
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9386
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
9239
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
9090
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
8059
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
5996
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4764
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
3208
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.