该操作常用于恢复OneDrive的备份文件夹的访问权限:重装系统前将OneDrive文件夹备份到别处,重装系统后,新系统里的用户对备份的文件夹无权访问。
一共需要两步:
-
更改所有者为当前用户
takeown /f J:\Synologydrive /r - 修改权限(username用户完全控制)
cacls J:\SynologyDrive\*.* /T /G username:F
-
将整个文件夹权限设置为本用户完全控制(包括所有子文件夹中的文件)
-
Everyone完全控制权限SECURITY_ATTRIBUTES
SECURITY_ATTRIBUTES SecAttr; SECURITY_DESCRIPTOR SecDesc; InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION); SetSecurityDescriptorDacl(&SecDesc, TRUE, NULL, FALSE); SecAttr.nLength = sizeof(SecAttr); SecAttr.bInheritHandle = TRUE; SecAttr.lpSecurityDescriptor = &SecDesc; CreateEventA(&SecAttr, FALSE, TRUE, "Global\\test");
SECURITY_ATTRIBUTES SecAttr; SecAttr.nLength = sizeof(SecAttr); SecAttr.bInheritHandle = FALSE; ConvertStringSecurityDescriptorToSecurityDescriptorA( "D:(A;; GA;;; WD)", SDDL_REVISION_1, &(SecAttr.lpSecurityDescriptor), NULL); CreateEventA(&SecAttr, FALSE, TRUE, "Global\\test");
-
用PowerShell创建自签名证书
New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName host.doman.com -KeySpec KeyExchange -FriendlyName SQLCert
-
Make Classes Great Again
// // Copyright (c) 2017 Vinnie Falco (vinnie dot falco at gmail dot com) // // Distributed under the Boost Software License, Version 1.0. (See accompanying // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) // // Official repository: https://github.com/vinniefalco/CppCon2017 // #include <cstdio> #include <iostream> #include <list> #include <map> #include <memory> #include <string> #include <string_view> #include <type_traits> #include <vector> using namespace std; //------------------------------------------------------------------------------ // // Message Container // //------------------------------------------------------------------------------ /// Holds an HTTP message template<bool isRequest, class Body, class Fields> struct message; /// Holds an HTTP request template<class Body, class Fields> struct message<true, Body, Fields> : Fields, private Body::value_type { int version; string_view method() const { return this->get_method(); } void method(string_view s) { this->set_method(s); } string_view target() const { return this->get_target(); } void target(string_view s) { this->set_target(s); } typename Body::value_type const& body() const { return *this; } typename Body::value_type& body() { return *this; } }; /// Holds an HTTP response template<class Body, class Fields> struct message<false, Body, Fields> : Fields, private Body::value_type { int version; int status; string_view reason() const { return this->get_reason(); } void reason(string_view s) { this->set_reason(s); } typename Body::value_type const& body() const { return *this; } typename Body::value_type& body() { return *this; } }; //------------------------------------------------------------------------------ // // Body // //------------------------------------------------------------------------------ /// `true_type` if B meets the requirements of Body template<class B, class = void> struct is_body : false_type { }; template<class B> struct is_body<B, void_t< typename B::value_type, decltype( B::write( declval<ostream&>(), declval<typename B::value_type const&>()), (void)0) >> : true_type { }; /// A Body that uses a string container struct string_body { using value_type = string; static void write( ostream& os, string const& body) { os << body; } }; /// A Body that uses a vector container template<class T> struct vector_body { using value_type = vector<T>; static void write( ostream& os, vector<T> const& body) { os.write(body.data(), body.size()); } }; /// A Body that uses a list container template<class T> struct list_body { using value_type = list<T>; static void write( ostream& os, list<T> const& body) { for(auto const& t : body) os << t; } }; /// A Body using file contents struct file_body { using value_type = string; // Path to file static void write( ostream& os, string const& path) { size_t n; char buf[4096]; FILE* f = fopen(path.c_str(), "rb"); while((n = fread(buf, 1, sizeof(buf), f))) os.write(buf, n); fclose(f); } }; /// An empty body struct empty_body { struct value_type {}; static void write(ostream&, value_type const&) { // Do nothing } }; //------------------------------------------------------------------------------ // // Fields Container // //------------------------------------------------------------------------------ /// A container for HTTP fields template<class Allocator> struct basic_fields { void set(string_view, string_view); string_view operator[](string_view) const; protected: string_view get_method() const noexcept; void set_method(string_view); string_view get_target() const noexcept; void set_target(string_view); string_view get_reason() const noexcept; void set_reason(string_view); }; //------------------------------------------------------------------------------ // // Type Aliases // //------------------------------------------------------------------------------ /// A container for HTTP fields using the default allocator using fields = basic_fields<std::allocator<char>>; /// Holds an HTTP request template<class Body, class Fields = fields> using request = message<true, Body, Fields>; /// Holds an HTTP response template<class Body, class Fields = fields> using response = message<false, Body, Fields>; //------------------------------------------------------------------------------ // // Serialization // //------------------------------------------------------------------------------ /// Serialize the HTTP header to an ostream template<bool isRequest, class Body, class Fields> void write_header(ostream&, message<isRequest, Body, Fields> const&) { } /// Serialize an HTTP Message template<bool isRequest, class Body, class Fields> void write(ostream& os, message<isRequest, Body, Fields> const& msg) { static_assert(is_body<Body>::value, "Body requirements not met"); write_header(os, msg); Body::write(os, msg.body()); } //------------------------------------------------------------------------------ // // Tests // //------------------------------------------------------------------------------ // Error: missing value_type struct invalid_body_1 { using body_type = string; static void write( ostream& os, body_type const& body) { os.write(body.data(), body.size()); } }; // Error: wrong signature for write struct invalid_body_2 { using value_type = string; static void write(ostream& os) { os << "void"; } }; static_assert(is_body<string_body>::value, ""); static_assert(is_body<vector_body<char>>::value, ""); static_assert(is_body<list_body<string>>::value, ""); static_assert(is_body<file_body>::value, ""); static_assert(is_body<empty_body>::value, ""); static_assert(! is_body<invalid_body_1>::value, ""); static_assert(! is_body<invalid_body_2>::value, ""); int main() { { request<string_body> req; write(cout, req); } { response<vector_body<char>> res; write(cout, res); } { response<list_body<string>> res; write(cout, res); } { response<empty_body> res; write(cout, res); } }
-
Taking Object Ownership in C++
#include <windows.h> #include <stdio.h> #include <accctrl.h> #include <aclapi.h> //Forward declaration of SetPrivilege BOOL SetPrivilege( HANDLE hToken, // access token handle LPCTSTR lpszPrivilege, // name of privilege to enable/disable BOOL bEnablePrivilege // to enable or disable privilege ) ; BOOL TakeOwnership(LPTSTR lpszOwnFile) { BOOL bRetval = FALSE; HANDLE hToken = NULL; PSID pSIDAdmin = NULL; PSID pSIDEveryone = NULL; PACL pACL = NULL; SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY; SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY; const int NUM_ACES = 2; EXPLICIT_ACCESS ea[NUM_ACES]; DWORD dwRes; // Specify the DACL to use. // Create a SID for the Everyone group. if (!AllocateAndInitializeSid(&SIDAuthWorld, 1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &pSIDEveryone)) { printf("AllocateAndInitializeSid (Everyone) error %u\n", GetLastError()); goto Cleanup; } // Create a SID for the BUILTIN\Administrators group. if (!AllocateAndInitializeSid(&SIDAuthNT, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pSIDAdmin)) { printf("AllocateAndInitializeSid (Admin) error %u\n", GetLastError()); goto Cleanup; } ZeroMemory(&ea, NUM_ACES * sizeof(EXPLICIT_ACCESS)); // Set read access for Everyone. ea[0].grfAccessPermissions = GENERIC_READ; ea[0].grfAccessMode = SET_ACCESS; ea[0].grfInheritance = NO_INHERITANCE; ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; ea[0].Trustee.ptstrName = (LPTSTR) pSIDEveryone; // Set full control for Administrators. ea[1].grfAccessPermissions = GENERIC_ALL; ea[1].grfAccessMode = SET_ACCESS; ea[1].grfInheritance = NO_INHERITANCE; ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; ea[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; ea[1].Trustee.ptstrName = (LPTSTR) pSIDAdmin; if (ERROR_SUCCESS != SetEntriesInAcl(NUM_ACES, ea, NULL, &pACL)) { printf("Failed SetEntriesInAcl\n"); goto Cleanup; } // Try to modify the object's DACL. dwRes = SetNamedSecurityInfo( lpszOwnFile, // name of the object SE_FILE_OBJECT, // type of object DACL_SECURITY_INFORMATION, // change only the object's DACL NULL, NULL, // do not change owner or group pACL, // DACL specified NULL); // do not change SACL if (ERROR_SUCCESS == dwRes) { printf("Successfully changed DACL\n"); bRetval = TRUE; // No more processing needed. goto Cleanup; } if (dwRes != ERROR_ACCESS_DENIED) { printf("First SetNamedSecurityInfo call failed: %u\n", dwRes); goto Cleanup; } // If the preceding call failed because access was denied, // enable the SE_TAKE_OWNERSHIP_NAME privilege, create a SID for // the Administrators group, take ownership of the object, and // disable the privilege. Then try again to set the object's DACL. // Open a handle to the access token for the calling process. if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken)) { printf("OpenProcessToken failed: %u\n", GetLastError()); goto Cleanup; } // Enable the SE_TAKE_OWNERSHIP_NAME privilege. if (!SetPrivilege(hToken, SE_TAKE_OWNERSHIP_NAME, TRUE)) { printf("You must be logged on as Administrator.\n"); goto Cleanup; } // Set the owner in the object's security descriptor. dwRes = SetNamedSecurityInfo( lpszOwnFile, // name of the object SE_FILE_OBJECT, // type of object OWNER_SECURITY_INFORMATION, // change only the object's owner pSIDAdmin, // SID of Administrator group NULL, NULL, NULL); if (dwRes != ERROR_SUCCESS) { printf("Could not set owner. Error: %u\n", dwRes); goto Cleanup; } // Disable the SE_TAKE_OWNERSHIP_NAME privilege. if (!SetPrivilege(hToken, SE_TAKE_OWNERSHIP_NAME, FALSE)) { printf("Failed SetPrivilege call unexpectedly.\n"); goto Cleanup; } // Try again to modify the object's DACL, // now that we are the owner. dwRes = SetNamedSecurityInfo( lpszOwnFile, // name of the object SE_FILE_OBJECT, // type of object DACL_SECURITY_INFORMATION, // change only the object's DACL NULL, NULL, // do not change owner or group pACL, // DACL specified NULL); // do not change SACL if (dwRes == ERROR_SUCCESS) { printf("Successfully changed DACL\n"); bRetval = TRUE; } else { printf("Second SetNamedSecurityInfo call failed: %u\n", dwRes); } Cleanup: if (pSIDAdmin) FreeSid(pSIDAdmin); if (pSIDEveryone) FreeSid(pSIDEveryone); if (pACL) LocalFree(pACL); if (hToken) CloseHandle(hToken); return bRetval; }
-
禁用所有活动网卡(支持还原)
#include <Windows.h> #include <SetupAPI.h> #include <devguid.h> #include <Cfgmgr32.h> #pragma comment(lib,"Setupapi.lib") ULONG NetCardIndex[16]; //参数为FALSE可以将活动网卡禁用,而后用参数TRUE调用 //可以将之前被禁用的网卡启动,并且不会启动非本函数禁用的网卡。 //该方法不支持WOW64,在64位系统中必须以64位代码执行。 ULONG ChangeNetCardStatus(BOOL Enable) { HDEVINFO DeviceInfoSet; SP_DEVINFO_DATA DeviceInfoData; ULONG DeviceIndex; CHAR Buffer[64]; DWORD Size; ULONG Status; ULONG ProblemNumber; SP_PROPCHANGE_PARAMS PropchangeParams; DWORD ChangedCount; ChangedCount = 0; DeviceInfoSet = SetupDiGetClassDevsA( &GUID_DEVCLASS_NET, NULL, NULL, DIGCF_PRESENT); SecureZeroMemory(&DeviceInfoData, sizeof(SP_DEVINFO_DATA)); DeviceInfoData.cbSize = sizeof(SP_DEVINFO_DATA); DeviceIndex = 0; while (SetupDiEnumDeviceInfo( DeviceInfoSet, DeviceIndex, &DeviceInfoData) && DeviceIndex < 16) { DeviceIndex++; if (Enable && NetCardIndex[DeviceIndex - 1] == 0) continue; if (!SetupDiGetDeviceRegistryPropertyA( DeviceInfoSet, &DeviceInfoData, SPDRP_LOCATION_INFORMATION, NULL, (PBYTE)&Buffer, sizeof(Buffer), &Size)) { continue; } if (CR_SUCCESS != CM_Get_DevNode_Status(&Status, &ProblemNumber, DeviceInfoData.DevInst, 0)) continue; //if (Status & DN_WILL_BE_REMOVED) // continue; if (Enable == FALSE && Status & DN_HAS_PROBLEM && ProblemNumber == CM_PROB_DISABLED) continue; PropchangeParams.ClassInstallHeader.cbSize = sizeof(SP_CLASSINSTALL_HEADER); PropchangeParams.ClassInstallHeader.InstallFunction = DIF_PROPERTYCHANGE; PropchangeParams.Scope = DICS_FLAG_GLOBAL; PropchangeParams.StateChange = Enable ? DICS_ENABLE : DICS_DISABLE; if (FALSE == SetupDiSetClassInstallParamsA(DeviceInfoSet, &DeviceInfoData, (PSP_CLASSINSTALL_HEADER)&PropchangeParams, sizeof(PropchangeParams))) { printf("SetupDiSetClassInstallParamsA: %08X\n", GetLastError()); continue; } if (FALSE == SetupDiCallClassInstaller(DIF_PROPERTYCHANGE, DeviceInfoSet, &DeviceInfoData)) { printf("SetupDiCallClassInstaller: %08X\n", GetLastError()); } NetCardIndex[DeviceIndex - 1] = 1; ChangedCount++; } if (DeviceInfoSet) { SetupDiDestroyDeviceInfoList(DeviceInfoSet); } return ChangedCount; } int main() { SecureZeroMemory(&NetCardIndex, sizeof(NetCardIndex)); ChangeNetCardStatus(FALSE); SleepEx(10 * 1000, TRUE); ChangeNetCardStatus(TRUE); return 0; }
