Click here to Skip to main content
15,860,972 members
Articles / Desktop Programming / MFC
Article

CNTFS - A simple lib for managing NTFS permissions and audit settings.

Rate me:
Please Sign up or sign in to vote.
4.48/5 (20 votes)
22 Oct 20031 min read 129.5K   2.3K   37   26
CNTFS is a simple lib for setting NTFS permissions and audit settings.

Sample Image - ACLEditor.jpg

Introduction

CNTFS lib is a simple C++ wrapper for many of the Microsoft security calls such as: GetNamedSecurityInfo, GetAclInformation, AddAccessAllowedAceEx and many others. CNTFS is used to set NTFS permissions and audit settings on files and folders. It's a programmatic alternative to using utilities such as xcacls.exe.

Interface

The following methods are supported in the lib:

int DeleteDACL(CString & I_objPath, BOOL I_removeInheritance)

int DeleteSACL(CString & I_objPath, BOOL I_removeInheritance)

int RemoveInheritance(CString & I_objPath)

int TakeOwnership(CString & I_objPath, CString & I_newOwner)

int AddACEToDACL(CString & I_objPath, 
                 CString & I_securityPrincipal, 
                 DWORD I_objPermission)

int AddACEToSACL(CString & I_objPath, 
                 CString & I_securityPrincipal, 
                 DWORD I_objPermission,
                 BOOL I_auditSuccess,
                 BOOL I_auditFailure)

ACLEditor

ACLEditor is a test application for the CNTFS lib. One of the more tricky aspects of CNTFS is the use of access mask flags. Winnt.h defines access mask flags that can be OR'd together. For example, the Modify permission consists of: FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_GENERIC_EXECUTE | DELETE. Among other things, ACLEditor demonstrates the use of access masks in setting NTFS permissions.

Building

Be sure to have the Microsoft Platform SDK in c:\program files\Microsoft SDK. The project settings will reference the include files directory. I've run the lib through Rational Purify so all the mem leaks should be gone.

Any comments or suggestions are welcome.

Enjoy!

Version History

  • Version 1.1 - (Oct 23, 2003) Added support for modifying DACLs and SACLs on registry keys. Consolidated RemoveDACLInheritance and RemoveSACLInheritance into RemoveInheritance method by adding aclType enum.
  • Version 1.0 - (Apr 4, 2003) Initial Release.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


Written By
Web Developer
Canada Canada
This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Comments and Discussions

 
BugDoes not work on Windows 7 Pin
rhythm16-May-12 7:37
rhythm16-May-12 7:37 
GeneralBug in ResolveSID Pin
brianbacon15-Jan-11 6:26
brianbacon15-Jan-11 6:26 
GeneralMy vote of 4 :) Pin
Kushagra Tiwari3-Nov-09 22:57
Kushagra Tiwari3-Nov-09 22:57 
QuestionDelete account Pin
Jack6910487121-Oct-08 2:53
Jack6910487121-Oct-08 2:53 
GeneralCrash on FAT file system Pin
Member 36743904-Aug-08 2:07
Member 36743904-Aug-08 2:07 
QuestionCNTFS Java Example ? Pin
belaie_maqsood27-Apr-06 11:02
belaie_maqsood27-Apr-06 11:02 
Generalhelp !! it's not working in this case Pin
Anonymous26-Aug-05 16:26
Anonymous26-Aug-05 16:26 
QuestionWhat about NetFileEnum() Pin
Alex Evans28-Oct-04 23:40
Alex Evans28-Oct-04 23:40 
GeneralPerfect Pin
Steve Schaneville21-Oct-03 7:22
professionalSteve Schaneville21-Oct-03 7:22 
GeneralRe: Perfect Pin
Alex Evans28-Oct-04 23:43
Alex Evans28-Oct-04 23:43 
GeneralERROR- Missing More Files !!! Pin
Bill SerGio, The Infomercial King11-Apr-03 6:25
Bill SerGio, The Infomercial King11-Apr-03 6:25 
GeneralRe: ERROR- Missing More Files !!! Pin
Andreas Saurwein11-Apr-03 6:41
Andreas Saurwein11-Apr-03 6:41 
GeneralRe: ERROR- Missing More Files !!! Pin
yaron_gvili18-Apr-04 6:10
yaron_gvili18-Apr-04 6:10 
QuestionRe: ERROR- Missing More Files !!! Pin
tlongman7-Jan-07 15:17
tlongman7-Jan-07 15:17 
GeneralAddAccessAllowedAceEx - Only availabe on win 2000 and later Pin
Christoph Weber7-Apr-03 22:39
Christoph Weber7-Apr-03 22:39 
GeneralRe: AddAccessAllowedAceEx - Only availabe on win 2000 and later Pin
Kevin Hilscher8-Apr-03 16:53
Kevin Hilscher8-Apr-03 16:53 
GeneralWarning: Code Won't Compile! Pin
Bill SerGio, The Infomercial King6-Apr-03 1:22
Bill SerGio, The Infomercial King6-Apr-03 1:22 
GeneralRe: Warning: Code Won't Compile! Pin
Ryan Binns6-Apr-03 4:02
Ryan Binns6-Apr-03 4:02 
GeneralRe: Warning: Code Won't Compile! Pin
Bill SerGio, The Infomercial King7-Apr-03 6:06
Bill SerGio, The Infomercial King7-Apr-03 6:06 
GeneralRe: Warning: Code Won't Compile! Pin
Ryan Binns7-Apr-03 13:48
Ryan Binns7-Apr-03 13:48 
GeneralRe: Warning: Code Won't Compile! Pin
Kevin Hilscher6-Apr-03 5:09
Kevin Hilscher6-Apr-03 5:09 
GeneralRe: Warning: Code Won't Compile! Pin
Anonymous24-Jun-05 23:40
Anonymous24-Jun-05 23:40 
Generaldemo project size Pin
Stephane Rodriguez.5-Apr-03 4:45
Stephane Rodriguez.5-Apr-03 4:45 
GeneralRe: demo project size Pin
Kevin Hilscher5-Apr-03 12:39
Kevin Hilscher5-Apr-03 12:39 
GeneralOmmission- Forgot PROTECTED_DACL_SECURITY_INFORMATION Pin
Bill SerGio, The Infomercial King6-Apr-03 1:11
Bill SerGio, The Infomercial King6-Apr-03 1:11 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.