blahblahblah has asked for the wisdom of the Perl Monks concerning the following question:

I traced an error last week down to an unlink that was failing since the script didn't have permission to delete a file. This surprised me, since the file had just been created by that same instance of that same script. It turned out there's a Security property that you can set on directories in windows 2000 to allow or disallow deletion of files in that directory.

So I thought I'd add some error checking into my script, and I found the Win32::FileSecurity module. It has a method, EnumerateRights, that shows all the security rights for a file/directory. It seems like exactly what I want, except that it doesn't show the "delete files within the folder" property that I'm looking for.

The property, on windows 2000, can be viewed by right-clicking the file, choosing Properties, clicking the Security tab, clicking Advanced, then clicking the View/Edit button. My guess is that the list of properties you see on this screen was expanded in windows 2000 and that win32::FileSecurity hasn't been updated since NT 4.

Does anyone know of another module or way to get at that property easily through perl? I found this page on microsoft's site that looks like what I need, but I'm not sure how I could use it from perl. Since some of win32::FileSecurity's constants match those listed on this microsoft page, I'm wondering if there's a way to peek at win32::FileSecurity's data and manually check for the other properties.

Replies are listed 'Best First'.
Re: win32::filesecurity -- outdated? (why?)
by tye (Sage) on Feb 21, 2003 at 17:32 UTC

    I don't see the value in guessing before-hand whether unlink will fail vs. just doing the normal: 

        unlink( $file )
        or  die "Can't delete $file: $!\n";

    [download]
    There are a lot of things that can make unlink fail.

    Did you actually find that "delete files within the folder" was disabled and enabling it fixed the problem? Because my first guess in that situation would be that you still have the file open and the default sharing mode don't allow deleting of open files. See the Win32API::File documentation for more information on Win32 file sharing modes.

    Oh, and sorry, no, I don't know of any great Perl modules for dealing with Win32 security. There is a module called Win32::Perm or Win32::Perms or something that will never be on CPAN and that does way too much meddling with the data for my tastes so I don't know much about it, but you might search for that one and see if it does more of what you are looking for.

                    - tye
[reply]
[d/l]
Re: win32::filesecurity -- outdated?
by hardburn (Abbot) on Feb 21, 2003 at 16:51 UTC

    If it were a FAT32 property, it might be fairly easy to implment. But I suspect that it's an NTFS property. NTFS is a far superior filesystem, but it's also a lot more complicated (just look at the problems the Linux kernel has getting usable NTFS write support).

    On a tangently-related subject, why is there a "do not delete" attribute, anyway? If you can write the file, you can blank it out and effecitvely delete it without actually unliking it from the filesystem. I can't imagine why you wouldn't give someone write access but would allow them to delete the file. This attribute seems completely redundant, and is almost as stupid as the "execute only" attribute in DOS.

    ----
    Reinvent a rounder wheel.

    Note: All code is untested, unless otherwise stated

[reply]

Back to Seekers of Perl Wisdom