ntsecuritycon.SE_BACKUP_NAME), win32con.SE_PRIVILEGE_ENABLED), (win32security.LookupPrivilegeValue( '', ntsecuritycon.SE_RESTORE_NAME), win32con.SE_PRIVILEGE_ENABLED)) ph = win32api.GetCurrentProcess() th = win32security.OpenProcessToken( ph, win32security.TOKEN_ALL_ACCESS | win32con.TOKEN_ADJUST_PRIVILEGES) win32security.AdjustTokenPrivileges(th, 0, new_privs) my_sid = win32security.GetTokenInformation(th, ntsecuritycon.TokenUser)[0] hklm = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, None, 0, win32con.KEY_ALL_ACCESS) skey = win32api.RegOpenKey(hklm, 'SYSTEM', 0, win32con.KEY_ALL_ACCESS) sa = pywintypes.SECURITY_ATTRIBUTES() sd = pywintypes.SECURITY_DESCRIPTOR() sa.SECURITY_DESCRIPTOR = sd acl = pywintypes.ACL() pwr_sid = win32security.LookupAccountName('', 'Power Users')[0] acl.AddAccessAllowedAce( win32con.ACL_REVISION, win32con.GENERIC_READ | win32con.ACCESS_SYSTEM_SECURITY, my_sid) sd.SetSecurityDescriptorDacl(1, acl, 0) sd.SetSecurityDescriptorOwner(pwr_sid, 0) sa.bInheritHandle = 1 assert sa.SECURITY_DESCRIPTOR is sd win32api.RegSaveKey(skey, fname, sa)
u"SE_DACL_PROTECTED", u"SE_GROUP_DEFAULTED", u"SE_OWNER_DEFAULTED", #~ "SE_RM_CONTROL_VALID", #~ "SE_SACL_AUTO_INHERIT_REQ", u"SE_SACL_AUTO_INHERITED", u"SE_SACL_DEFAULTED", u"SE_SACL_PRESENT", u"SE_SACL_PROTECTED", u"SE_SELF_RELATIVE" ], pattern=u"SE_*", namespace=win32security) SD_CONTROL.doc (u"Information held with a security descriptor header") PyHANDLE = pywintypes.HANDLEType PySECURITY_ATTRIBUTES = pywintypes.SECURITY_ATTRIBUTESType PySECURITY_DESCRIPTOR = type (pywintypes.SECURITY_DESCRIPTOR ()) class x_security (exc.x_winsys): u"Base for security-related exceptions" class x_value_not_set (x_security): u"Raised if an attempt is made to read a security value which hasn't been set" WINERROR_MAP = { } wrapped = exc.wrapper (WINERROR_MAP, x_security) class Security (core._WinSysObject): ur"""The heart of the :mod:`security` module, this class represents the security descriptor of a file, kernel object or any other securable object. It's most commonly instantiated from an object's security method (eg `fs.File.security`)