mhgd 发表于 2009-4-30 01:10:36

如何开只读共享???

本帖最后由 mhgd 于 2009-5-3 18:24 编辑

以下代码能正常运行,但效果是开了个完全共享,太不安全了,能否改能开只读共享,请高手指教!!!

#include <NetShare.au3>
$cfg = @ScriptDir & "\配置文件.ini"
Func N_Share()
        $var = IniReadSection($cfg, "共享")
        If Not @error And $var > 0 Then
                For $i = 1 To $var
             If FileExists($var[$i]) then
             If _Net_Share_ShareCheck (@ComputerName, $var[$i]) = -1 Then _Net_Share_ShareAdd (@ComputerName, $var[$i], 0, $var[$i])
                  EndIf
                Next
        EndIf
EndFunc


;配置文件:
;[共享]
;共享名=文件路径

pusofalse 发表于 2009-4-30 01:45:17

NetShareAdd 中第3个参数指向一个含有共享信息的结构体,结构中的Permission可以设置权限,具体参考:http://msdn.microsoft.com/en-us/library/bb525408(VS.85).aspx

mhgd 发表于 2009-4-30 16:08:58

太高深了,是C语言啊,
我只会用au3,还不会调用API啊,能否给个例子。。。
多谢了。

pusofalse 发表于 2009-4-30 16:47:35

Re 3#:

本帖最后由 pusofalse 于 2009-4-30 18:05 编辑

3# mhgd


抱歉,收回2楼的话,当时没有测试就妄下断语了~ 设置只读共享需要设置“安全描述符(Security Descriptor)”, 这个要麻烦好多。以下添加d盘为只读共享,不知有无简洁的方法。#include <WinAPI.au3>

CONST $FILE_CREATE_PIPE_INSTANCE = 4
CONST $GENERIC_ALL = 0x10000000
CONST $GENERIC_READ = 0x80000000
CONST $GENERIC_WRITE = 0x40000000
CONST $FILE_EXECUTE = 0x20
CONST $FILE_TRAVERSE = 0x20

$hHeap = _GetProcessHeap()
$pAcl = _HeapAlloc($hHeap, 0, 1024)
_InitializeAcl($pAcl, 1024)

$tSecurDesc = _InitializeSecurityDescriptor()
$pSecurDesc = DllStructGetPtr($tSecurDesc)

$tSid = _LookupAccountName(@UserName)
$pSid = DllStructGetPtr($tSid)
_AddAccessAllowedAce($pAcl, $pSid, $GENERIC_READ)
_SetSecurityDescriptorDacl($pSecurDesc, $pAcl)


$tagShareInfo502 = "ptr;dword;ptr;dword;ptr;dword;ptr"

$tShare = DllStructCreate($tagShareInfo502)
$pShare = DllStructGetPtr($tShare)

$tName = DllStructCreate("char")
$pName = DllStructGetPtr($tName)

$tPath = DllStructCreate("char")
$pPath = DllStructGetPtr($tPath)


_WinAPI_MultiByteToWideCharEx("d", $pName)
_WinAPI_MultiByteToWideCharEx("d:\", $pPath)


DllStructSetData($tShare, 1, $pName)
DllStructSetData($tShare, 2, 0)
DllStructSetData($tShare, 4, -1, 2)
DllStructSetData($tShare, 5, $pPath, 1)
DllStructSetData($tShare, 7, $pSecurDesc)

$iResult = DllCall("netapi32.dll", "int", "NetShareAdd", _
                "wstr", "\\127.0.0.1", "dword", 502, "ptr", $pShare, "int*", 0)
_HeapFree($hHeap, $pAcl)

If $iResult = 0 Then
        Msgbox(0, $iResult, "Succeeded!")
Else
        Msgbox(0, "Failed!", "ErrorCode: " & $iResult)
EndIf


Func _AddAccessAllowedAce($pACL, $pSid, $iAccess)
        Local $iResult
        $iResult = DllCall("advapi32.dll", "int", "AddAccessAllowedAce", _
                        "ptr", $pACL, "dword", 2, _
                        "dword", $iAccess, "ptr", $pSid)
        Return SetError(Not $iResult, 0, $iResult <> 0)
EndFunc        ;==>_AddAccessAllowedAce()

Func _GetProcessHeap()
        Local $hHeap
        $hHeap = DllCall("Kernel32.dll", "hWnd", "GetProcessHeap")
        Return $hHeap
EndFunc        ;==>_GetProcessHeap()

Func _HeapAlloc($hHeap, $iflag, $iSize)
        Local $pMem
        $pMem = DllCall("Kernel32.dll", "ptr", "HeapAlloc", _
                        "hWnd", $hHeap, "int", $iflag, "dword", $iSize)
        Return SetError(Not $pMem, 0, $pMem)
EndFunc        ;==>_HeapAlloc()

Func _HeapFree($hHeap, $pMem)
        Local $iResult
        $iResult = DllCall("Kernel32.dll", "int", "HeapFree", _
                        "hWnd", $hHeap, "dword", 1, "ptr", $pMem)
        Return SetError(Not $iResult, 0, $iResult <> 0)
EndFunc        ;==>_HeapFree()


Func _InitializeAcl($pAcl, $iSize)
        Local $iResult
        $iResult = DllCall("advapi32.dll", "int", "InitializeAcl", _
                        "ptr", $pAcl, "dword", $iSize, "dword", 2)
        Return SetError(Not $iResult, 0, $iResult <> 0)
EndFunc        ;==>_InitializeAcl()

Func _InitializeSecurityDescriptor()
        Local $iResult, $tSecurDesc, $pSecurDesc

        $tSecurDesc = DllStructCreate("dword")
        $pSecurDesc = DllStructGetPtr($tSecurDesc)
        $iResult = DllCall("advapi32.dll", "int", "InitializeSecurityDescriptor", _
                        "ptr", $pSecurDesc, "dword", 1)
        Return SetError(Not $iResult, 0, $tSecurDesc)
EndFunc        ;==>_InitializeSecurityDescriptor()

Func _SetSecurityDescriptorDacl($pSecurDesc, $pACL, $iPresent = 1, $iDefault = 0)
        Local $iResult
        $iResult = DllCall("advapi32.dll", "int", "SetSecurityDescriptorDacl", _
                        "ptr", $pSecurDesc, "int", $iPresent, _
                        "ptr", $pACL, "int", $iDefault)
        Return SetError(Not $iResult, 0, $iResult <> 0)
EndFunc        ;==>_SetSecurityDescriptorDacl()


Func _LookupAccountName($sAccount, $sSystem = "")
        Local $iResult, $tSid, $pSid, $zSid, $tDomain, $pDomain, $zDomain

        $iResult = DllCall("advapi32.dll", "int", "LookupAccountName", _
                        "str", $sSystem, "str", $sAccount, _
                        "ptr", 0, "dword*", 0, "ptr", 0, "dword*", 0, "int*", 0)

        $zSid = $iResult
        $zDomain = $iResult
        $tSid = DllStructCreate("ubyte[" & $zSid & "]")
        $pSid = DllStructGetPtr($tSid)
        $tDomain = DllStructCreate("char[" & $zDomain & "]")
        $pDomain = DllStructGetPtr($tDomain)

        $iResult = DllCall("advapi32.dll", "int", "LookupAccountName", _
                        "str", $sSystem, "str", $sAccount, _
                        "ptr", $pSid, "dword*", $zSid, _
                        "ptr", $pDomain, "dword*", $zDomain, _
                        "int*", 0)
        Return SetError(Not $iResult, $iResult, $tSid)
EndFunc        ;==>_LookupAccountName()

mhgd 发表于 2009-4-30 18:34:34

本帖最后由 mhgd 于 2009-5-3 18:27 编辑

成功一半,多谢pusofalse,
但共享中什么都没选择,测试只有本机可以访问,其它机子无法访问,
完全共享可以成功,就是只读共享不行,没有打钩啊。。。。

llztt 发表于 2009-4-30 20:27:42

我以前好象用的是SETACL来

mhgd 发表于 2009-5-3 18:26:53

SETACL是用来设置NTFS权限的,不能用来设置共享权限吧。。。。

sensel 发表于 2009-5-3 19:01:46

注意是setcal,不是cacls。
setcal可以设置NTFS、共享、注册表的权限。

mhgd 发表于 2009-5-3 21:31:07

谁有setcal,发一份给我啊,
网上都搜不到。。。
页: [1]
查看完整版本: 如何开只读共享???