英文:
How to control file access in Windows?
问题
Go提供了os.Chmod()
函数来设置文件和目录的权限。例如,如果我想确保一个文件只能被当前用户访问,可以使用以下代码:
os.Chmod("somefile.txt", 0600)
这在Linux上运行得很好,但在Windows上却没有任何效果。在查看Go源代码后,我发现了它的实现。看起来,S_IWRITE
是唯一支持的属性。
我该如何使用Go在Windows上控制文件或目录的访问权限呢?
英文:
Go provides os.Chmod()
for setting file and directory permissions. For example, if I want to ensure a file is accessible only to the current user, I can do the following:
os.Chmod("somefile.txt", 0600)
This works great on Linux but does absolutely nothing on Windows. After digging into the Go source code, I came across its implementation. It seems like S_IWRITE
is the only attribute supported.
How do I control access to a file or directory on Windows using Go?
答案1
得分: 16
解释
Windows不使用传统的Unix权限。相反,Windows通过访问控制来控制对文件和目录的访问。每个对象都有一个ACL(访问控制列表) *,用于控制对该对象的访问。
每个ACL基本上是一个ACE(访问控制条目)列表,确定特定受托人(用户、组等)被授予的访问权限。例如,一个文件可能包含一个ACE,授予特定用户对文件的读取访问权限(GENERIC_READ
)。
通过Windows API中的授权函数来操作ACL和ACE。
* 从技术上讲,每个对象有两个ACL - 一个DACL和一个SACL
解决方案
幸运的是,不需要学习所有这些函数。我已经编写了一个名为"go-acl"的小型Go包,它完成了所有繁重的工作,并公开了一个名为(当然)Chmod
的函数。基本用法如下:
import "github.com/hectane/go-acl"
err := acl.Chmod("C:\\path\\to\\file.txt", 0755)
if err != nil {
panic(err)
}
结果
Chmod()
函数在文件的ACL中创建了三个ACE:
-
一个用于所有者(
WinCreatorOwnerSid
) -
一个用于组(
WinCreatorGroupSid
) -
一个用于其他所有人(
WinWorldSid
)
英文:
Explanation
Windows does not use traditional Unix permissions. Instead, Windows controls access to files and directories through access control. Each object has an ACL (Access Control List)<sup>*</sup> which controls access to the object.
Each ACL is basically a list of ACEs (Access Control Entries) which determine what access a specific trustee (user, group, etc.) is granted. For example, a file may contain an ACE granting a specific user read access (GENERIC_READ
) to the file.
Manipulating ACLs and ACEs is done through the authorization functions in the Windows API.
<sub><sup>* technically each object has two ACLs - a DACL and a SACL</sup></sub>
Solution
Thankfully, learning all of these functions isn't necessary. I've put together a small Go package named "go-acl" that does all of the heavy-lifting and exposes a function named (what else?) Chmod
. Basic usage is as follows:
import "github.com/hectane/go-acl"
err := acl.Chmod("C:\\path\\to\\file.txt", 0755)
if err != nil {
panic(err)
}
Results
The Chmod()
function creates three ACEs in the file's ACL:
-
one for the owner (
WinCreatorOwnerSid
) -
one for the group (
WinCreatorGroupSid
) -
one for everyone else (
WinWorldSid
)
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论