修改文件用户组的访问权限

/////////////////////////////////////////////////////////////
// Securtiy.cpp
// 设置NTFS文件用户组权限
// BY Koma 2010.04.13
#include <windows.h>
#pragma comment(lib,"user32.lib")
#pragma comment(lib,"Advapi32.lib")
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR pszCmdLine, int cmdShow)
{
SECURITY_ATTRIBUTES sa;                     // 和文件有关的安全结构
SECURITY_DESCRIPTOR sd;                     // 声明一个SD
BYTE                aclBuffer[1024];        // buffer
PACL                pacl = (PACL)&aclBuffer;// 声明一个ACL，长度是1024
BYTE                sidBuffer[100];         // sid buffer
PSID                psid = (PSID)&sidBuffer;

// 声明SID，长度是100
DWORD        sidBufferSize      = 100;
DWORD        domainBufferSize   = 80;
char         domainBuffer[80];
HANDLE       hFile;
SID_NAME_USE snu;
// 初始化SD、初始化ACL
InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
InitializeAcl(pacl, 1024, ACL_REVISION);
// 查找用户Koma，并取该用户的SID
LookupAccountName(0, "Koma",psid,&sidBufferSize, domainBuffer,&domainBufferSize, &snu);
// 设置该用户的Access-Allowed的ACE，其权限为All-Access
AddAccessAllowedAce(pacl, ACL_REVISION, GENERIC_ALL, psid);
// 把ACL设置到SD中
SetSecurityDescriptorDacl(&sd, TRUE, pacl, FALSE);
// 把SD放到文件安全结构SA中
sa.nLength              = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle       = FALSE;
sa.lpSecurityDescriptor = &sd;
// 开始创建文件
hFile = CreateFile("D://Test.txt",0, 0, &sa, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, 0);
if(hFile == INVALID_HANDLE_VALUE)
{
MessageBox(NULL,"创建失败！",NULL,NULL);
return -1;
}
MessageBox(NULL,"创建成功！",NULL,NULL);
CloseHandle(hFile);
return 0;
}