PySecurityDescriptor object to set the process-wide security values.
But I'm not able to find a way to let the code go through.
I have read MSDN and searched web, I've not been able to find answer. I
cooked a security descriptor like this (assume aces is a tuple of tuple
(access, sid) :
sd = win32security.SECURITY_DESCRIPTOR()
sd.Initialize()
sd.SetSecurityDescriptorOwner(sid_owner, False)
sd.SetSecurityDescriptorGroup(sid_group, False)
# create DACL
dacl = win32security.ACL()
dacl.Initialize()
for (access, acc_sid) in aces:
# Add ACE which is access and SID
dacl.AddAccessAllowedAce(win32security.ACL_REVISIO N, access,
isinstance(acc_sid, (unicode, str)) and
win32security.ConvertStringSidToSid(acc_sid) or acc_sid)
sd.SetDacl(True, dacl, False) # SetSecurityDescriptorDacl
print sd.IsSelfRelative() # result is 1
The sd is a self relative one.
>From MSDN, after calling InitializeSecurityDescriptor, the sd isabsolute sd, and CoInitializeSecurity needs absolute sd. Pythonwin has
not wrapped function like 'MakeAbsoluteSD'.
Has someone ever had same problem. Could you give a hint for solving
the problem. Thanks.
Regards