[Python] 파일 보안 설정 변경(File Security)

윈도우에서 파일에대한 보안 설정을하는 코드.

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54

"""File Security Sample""" import os import win32api import win32security import ntsecuritycon as con   FILENAME = "temp.txt" os.remove(FILENAME)   # #Show Cacls # def show_cacls(filename):     for line in os.popen("icacls %s" % filename).read().splitlines():         print(line)   # # Find the SIDs for Everyone, the Admin group and the current user # everyone, domain, type = win32security.LookupAccountName("", "Everyone") admins, domain, type = win32security.LookupAccountName("", "Administrators") user, domain, type = win32security.LookupAccountName("", win32api.GetUserName())   # # Touch the file and use CACLS to show its default permissions # (which will probably be: Admins->Full; Owner->Full; Everyone->Read) # open(FILENAME, "w").close() show_cacls(FILENAME)   # # Find the DACL part of the Security Descriptor for the file # sd = win32security.GetFileSecurity(FILENAME, win32security.DACL_SECURITY_INFORMATION)   # # Create a blank DACL and add the three ACEs we want # We will completely replace the original DACL with # this. Obviously you might want to alter the original # instead. # dacl = win32security.ACL() dacl.AddAccessAllowedAce(win32security.ACL_REVISION, con.FILE_GENERIC_READ, everyone) dacl.AddAccessAllowedAce(win32security.ACL_REVISION, con.FILE_GENERIC_READ | con.FILE_GENERIC_WRITE, user) dacl.AddAccessAllowedAce(win32security.ACL_REVISION, con.FILE_ALL_ACCESS, admins)   # # Put our new DACL into the Security Descriptor, # update the file with the updated SD, and use # CACLS to show what's what. # sd.SetSecurityDescriptorDacl(1, dacl, 0) win32security.SetFileSecurity(FILENAME, win32security.DACL_SECURITY_INFORMATION, sd) show_cacls(FILENAME)

출처: http://timgolden.me.uk/python/win32_how_do_i/add-security-to-a-file.html