
Re: Win32API::Registry::RegGetKeySecurity how to unpack the structure of $pSecDesc?

by Util (Priest)
on Jan 13, 2006 at 09:42 UTC


in reply to Win32API::Registry::RegGetKeySecurity how to unpack the structure of $pSecDesc?

Because you are not using strict or warnings, you cannot see that DACL_SECURITY_INFORMATION is not defined. This results in $pSecDesc containing the wrong data, which cannot be decoded.
Adding this line populates $pSecDesc correctly:

use Win32 qw( DACL_SECURITY_INFORMATION );

You still need to decode the Security Descriptor; this (thrown together, barely tested) program may help:

use strict;
use warnings;
use Data::Dumper; $Data::Dumper::Useqq = 1; $| = 1;

my $host    = '127.0.0.1';
my $reg_key = 'SOFTWARE\\7-zip';

use Win32 qw( DACL_SECURITY_INFORMATION );
use Win32API::Registry 0.21 qw( :ALL );

# Get the Security Descriptor
my $reg_api;
RegConnectRegistry( $host, HKEY_LOCAL_MACHINE, $reg_api )
    or die $^E;

my $key;
RegOpenKeyEx( $reg_api, $reg_key, 0, KEY_READ, $key )
    or die $^E;

my $pSecDesc;
RegGetKeySecurity( $key, DACL_SECURITY_INFORMATION, $pSecDesc )
    or die $^E;

# Print the raw DACL.
print "\n", Dumper $pSecDesc;

# Decode the Security Descriptor
use Win32::API;
use constant SDDL_REVISION_1 => 0x1;

my $ConvertSDToString = Win32::API->new(
    'ADVAPI32',
    'ConvertSecurityDescriptorToStringSecurityDescriptor',
    ['P', 'N', 'N', 'P', 'N'],
    'N',
);

my $ptr_strSDDL = pack 'L', 0; # DWORD;

my $ObjSD = $ConvertSDToString->Call(
    $pSecDesc,
    SDDL_REVISION_1,
    0xF,
    $ptr_strSDDL,
    0,
) or die $^E;

my $strSDDL = unpack 'p', $ptr_strSDDL;

# Print the decoded DACL.
print "\n", Dumper $strSDDL;

Re^2: Win32API::Registry::RegGetKeySecurity how to unpack the structure of $pSecDesc?
by Sioln (Sexton) on Jan 13, 2006 at 10:01 UTC

    Thank you!

    The code works fine. I've got 2 versions of var:

    #RAW
    $VAR1 = "\1\0\4\204\0\0\0\0\0\0\0\0\0\0\0\0\24\0\0\0\2\0\350\0\n\0\0\0\0\2\24\0?\0\17\0\1\1\0\0\0\0\0\5\13\0\0\0\0\20\30\0\31\0\2\0\1\2\0\0\0\0\0\5 \0\0\0!\2\0\0\0\32\30\0\0\0\0\200\1\2\0\0\0\0\0\5 \0\0\0!\2\0\0\0\20\30\0\37\0\3\0\1\2\0\0\0\0\0\5 \0\0\0#\2\0\0\0\32\30\0\0\0\1\300\1\2\0\0\0\0\0\5 \0\0\0#\2\0\0\0\20\30\0?\0\17\0\1\2\0\0\0\0\0\5 \0\0\0 \2\0\0\0\32\30\0\0\0\0\20\1\2\0\0\0\0\0\5 \0\0\0 \2\0\0\0\20\24\0?\0\17\0\1\1\0\0\0\0\0\5\22\0\0\0\0\32\24\0\0\0\0\20\1\1\0\0\0\0\0\5\22\0\0\0\0\32\24\0\0\0\0\20\1\1\0\0\0\0\0\3\0\0\0\0";
    #DECODED
    $VAR1 = "D:AI(A;CI;KA;;;AU)(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)(A;ID;CCDCLCSWRPSDRC;;;PU)(A;CIIOID;SDGWGR;;;PU)(A;ID;KA;;;BA)(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)";

    Can you explain how I can parse this var into an understandable value (a hash, maybe)? E.g. %{USER}->{HIS RIGHTS}?

    And if it's possible, give an example of RegSetKeySecurity. I mean forming the ACL string (packing, maybe).
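
One way to turn the decoded string above into a hash keyed by trustee, as an added example that is not part of the original thread. The function name `parse_dacl` and the hash layout are this example's own choices; it needs Perl 5.10 or later and does not handle conditional ACEs, which nest parentheses.

```perl
use strict;
use warnings;

# SDDL rights codes -> access-mask bits.
my %RIGHT = (
    GA => 0x10000000, GX => 0x20000000, GW => 0x40000000, GR => 0x80000000,
    SD => 0x00010000, RC => 0x00020000, WD => 0x00040000, WO => 0x00080000,
    KA => 0x000F003F, KR => 0x00020019, KW => 0x00020006, KX => 0x00020019,
    # Object-specific bits. On a registry key: query value, set value, create
    # subkey, enumerate subkeys, notify, create link (in that order).
    CC => 0x01, DC => 0x02, LC => 0x04, SW => 0x08, RP => 0x10, WP => 0x20,
);
# Only the SID aliases that occur in the thread's output; others pass through.
my %SID = (
    AU => 'Authenticated Users', BU => 'Users',  PU => 'Power Users',
    BA => 'Administrators',      SY => 'SYSTEM', CO => 'CREATOR OWNER',
);

sub parse_dacl {
    my ($sddl) = @_;
    # "D:", optional DACL flags (P, AR, AI), then one "(...)" group per ACE.
    my ( $dacl_flags, $aces ) = $sddl =~ /D:((?:P|AR|AI)*)((?:\([^)]*\))*)/
        or die "no DACL found in SDDL string\n";
    my %by_trustee;
    for my $ace ( $aces =~ /\(([^)]*)\)/g ) {
        # type;flags;rights;object_guid;inherit_object_guid;account_sid
        my ( $type, $flags, $rights, undef, undef, $sid ) = split /;/, $ace, -1;
        my $is_hex = $rights =~ /^0x/i;    # rights may be a single hex mask
        my @codes  = $is_hex ? () : $rights =~ /[A-Z]{2}/g;
        my $mask   = $is_hex ? hex($rights) : 0;
        $mask |= $RIGHT{$_} // die "unknown rights code $_ in ($ace)\n" for @codes;
        push @{ $by_trustee{ $SID{$sid} // $sid } }, {
            type   => $type eq 'A' ? 'allow' : $type eq 'D' ? 'deny' : $type,
            flags  => [ $flags =~ /[A-Z]{2}/g ],    # CI, OI, IO, ID, NP
            rights => \@codes,
            mask   => $mask,
        };
    }
    return { dacl_flags => $dacl_flags, by_trustee => \%by_trustee };
}

# Decoded string from the thread, with the line-wrap "+" markers removed.
my $acl = parse_dacl( 'D:AI(A;CI;KA;;;AU)(A;ID;KR;;;BU)(A;CIIOID;GR;;;BU)'
      . '(A;ID;CCDCLCSWRPSDRC;;;PU)(A;CIIOID;SDGWGR;;;PU)(A;ID;KA;;;BA)'
      . '(A;CIIOID;GA;;;BA)(A;ID;KA;;;SY)(A;CIIOID;GA;;;SY)(A;CIIOID;GA;;;CO)' );
for my $who ( sort keys %{ $acl->{by_trustee} } ) {
    printf "%-20s %-5s %-7s 0x%08X %s\n", $who, $_->{type},
        join( '', @{ $_->{flags} } ), $_->{mask}, "@{ $_->{rights} }"
        for @{ $acl->{by_trustee}{$who} };
}
```

The computed masks can be checked against the raw dump: the Power Users ACE `CCDCLCSWRPSDRC` comes out as 0x0003001F, which is the `\37\0\3\0` in the raw bytes.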

Re^2: Win32API::Registry::RegGetKeySecurity how to unpack the structure of $pSecDesc? (misc)
by tye (Sage) on Jan 13, 2006 at 12:31 UTC

    Unfortunately, no one has written (well, released, AFAIK) Win32API::Security and the modules I've seen that deal with security don't take the general approach I pushed for with Win32API::* so they don't handle security descriptors directly. For example, some only work on files.

    I /have/ found Reg[GS]etKeySecurity() useful in cases, even so. I'd use the GUI to set the desired permissions on a reference key and then just copy those permissions to other keys (such as new keys) via my script.

    I'd also use Win32::TieRegistry:

    use Win32::TieRegistry( Delimiter => "/" );
    my $sec;
    $Registry->{"LMachine/Software/7-Zip/"}->RegGetKeySecurity( 4, $sec, [] );

    (Not recommending using "4" over importing the correct definitions from Win32, just being cheap and short for the sake of emphasizing the other aspects of the example.)

    - tye        

        You can call RegSetKeySecurity() on Win32::TieRegistry objects. No, Win32::FileSecurity only works on files, unfortunately.

        - tye        
