使用python检查文件夹/文件ntfs权限 [英] Checking folder/file ntfs permissions using python

问题描述

正如问题标题所暗示的，我非常想知道检查给定文件或文件夹的ntfs权限的方法(提示:这些是您在安全性"选项卡中看到的权限).基本上，我需要的是获取文件或目录的路径(在本地计算机上，或者最好在远程计算机的共享上)，并获取用户/组的列表以及该文件/文件夹的相应权限.最终，应用程序将遍历目录树，读取每个对象的权限并进行相应的处理.

现在，我可以想到许多方法:

• 解析cacls.exe输出-容易做到，但是，除非即时消息丢失，否则cacls.exe仅以R | W | C | F(读/写/更改/完整)的形式提供权限不足(我需要获得列表文件夹内容"之类的权限，也需要扩展权限)
• xcacls.exe或xcacls.vbs输出-是的，它们为我提供了我需要的所有权限，但它们的工作速度却非常缓慢，大约需要一秒钟的xcacls.vbs才能获得本地系统文件的权限.这样的速度是不可接受的
• win32security(它包裹在winapi上，对吗?)-我确信它可以像这样处理，但我不想重蹈覆辙

这里还有其他我想念的东西吗?

解决方案

除非您想自己动手，否则win32security是必经之路.这里有一个示例的开头:

http://timgolden.me. uk/python/win32_how_do_i/get-the-owner-of-a-file.html

如果您想稍微危险一点(！)，我正在开发的winsys软件包将完全按照您的要求进行工作.您可以在此处获得开发版本的MSI:

http://timgolden.me.uk/python/downloads/WinSys-0.4.win32-py2.6.msi

或者您也可以检出svn中继:

svn co <​​a href="http://winsys.googlecode.com/svn/trunk" rel="noreferrer"> http://winsys.googlecode.com/svn/trunk winsys

要执行您描述的内容(根据实际要求稍作猜测)，可以执行以下操作:

import codecs
from winsys import fs

base = "c:/temp"
with codecs.open ("permissions.log", "wb", encoding="utf8") as log:
  for f in fs.flat (base):
  log.write ("\n" + f.filepath.relative_to (base) + "\n")
  for ace in f.security ().dacl:
    access_flags = fs.FILE_ACCESS.names_from_value (ace.access)
    log.write (u"  %s => %s\n" % (ace.trustee, ", ".join (access_flags)))

TJG

As the question title might suggest, I would very much like to know of the way to check the ntfs permissions of the given file or folder (hint: those are the ones you see in the "security" tab). Basically, what I need is to take a path to a file or directory (on a local machine, or, preferrably, on a share on a remote machine) and get the list of users/groups and the corresponding permissions for this file/folder. Ultimately, the application is going to traverse a directory tree, reading permissions for each object and processing them accordingly.

Now, I can think of a number of ways to do that:

• parse cacls.exe output -- easily done, BUT, unless im missing something, cacls.exe only gives the permissions in the form of R|W|C|F (read/write/change/full), which is insufficient (I need to get the permissions like "List folder contents", extended permissions too)
• xcacls.exe or xcacls.vbs output -- yes, they give me all the permissions I need, but they work dreadfully slow, it takes xcacls.vbs about ONE SECOND to get permissions on a local system file. Such speed is unacceptable
• win32security (it wraps around winapi, right?) -- I am sure it can be handled like this, but I'd rather not reinvent the wheel

Is there anything else I am missing here?

解决方案

Unless you fancy rolling your own, win32security is the way to go. There's the beginnings of an example here:

http://timgolden.me.uk/python/win32_how_do_i/get-the-owner-of-a-file.html

If you want to live slightly dangerously (!) my in-progress winsys package is designed to do exactly what you're after. You can get an MSI of the dev version here:

http://timgolden.me.uk/python/downloads/WinSys-0.4.win32-py2.6.msi

or you can just checkout the svn trunk:

svn co http://winsys.googlecode.com/svn/trunk winsys

To do what you describe (guessing slightly at the exact requirements) you could do this:

import codecs
from winsys import fs

base = "c:/temp"
with codecs.open ("permissions.log", "wb", encoding="utf8") as log:
  for f in fs.flat (base):
  log.write ("\n" + f.filepath.relative_to (base) + "\n")
  for ace in f.security ().dacl:
    access_flags = fs.FILE_ACCESS.names_from_value (ace.access)
    log.write (u"  %s => %s\n" % (ace.trustee, ", ".join (access_flags)))

TJG

这篇关于使用python检查文件夹/文件ntfs权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！