mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2025-01-01 00:57:32 +01:00
4324a09fc9
To simulate failures opening a cache file, fixtures are written without the read permission bits. Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions. Thankfully, there's a library to abstract that already.
39 lines
978 B
Go
39 lines
978 B
Go
//+build windows
|
|
|
|
package acl
|
|
|
|
import (
|
|
"os"
|
|
|
|
"golang.org/x/sys/windows"
|
|
)
|
|
|
|
// Change the permissions of the specified file. Only the nine
|
|
// least-significant bytes are used, allowing access by the file's owner, the
|
|
// file's group, and everyone else to be explicitly controlled.
|
|
func Chmod(name string, fileMode os.FileMode) error {
|
|
// https://support.microsoft.com/en-us/help/243330/well-known-security-identifiers-in-windows-operating-systems
|
|
creatorOwnerSID, err := windows.StringToSid("S-1-3-0")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
creatorGroupSID, err := windows.StringToSid("S-1-3-1")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
everyoneSID, err := windows.StringToSid("S-1-1-0")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
mode := uint32(fileMode)
|
|
return Apply(
|
|
name,
|
|
true,
|
|
false,
|
|
GrantSid(((mode&0700)<<23)|((mode&0200)<<9), creatorOwnerSID),
|
|
GrantSid(((mode&0070)<<26)|((mode&0020)<<12), creatorGroupSID),
|
|
GrantSid(((mode&0007)<<29)|((mode&0002)<<15), everyoneSID),
|
|
)
|
|
}
|