Win32::FileSecurity

The Win32::FileSecurity module allows you to work with NT File System (NTFS) file permissions. File permissions are stored as Discretionary Access Control Lists (DACLs) for each file or directory. These lists contain a bitmask specifying the permission rights for users on the file or directory. This module implements a DACL as a permissions hash in which each key is a username, and the value is the bitmask for the permissions.

The FileSecurity module exports the following constants to describe user permissions:

ACCESS_SYSTEM_SECURITY READ or R CHANGE or C SPECIFIC_RIGHTS_ALL DELETE STANDARD_RIGHTS_ALL FULL or F STANDARD_RIGHTS_EXECUTE GENERIC_ALL STANDARD_RIGHTS_READ GENERIC_EXECUTE STANDARD_RIGHTS_REQUIRED GENERIC_READ STANDARD_RIGHTS_WRITE GENERIC_WRITE SYNCHRONIZE MAXIMUM_ALLOWED WRITE_DAC READ_CONTROL WRITE_OWNER

Using the constant function on one of these constants gives its value, and bitmasks or multiple permissions settings can be made by supplying a list of these constants to the MakeMask function.

The following functions are exported by the Win32::FileSecurity module.

constant (name $val) 

Takes the name of a permission constant and saves its value in the variable val.

EnumerateRights (mask, \@rights) 

Takes a permissions bitmask (as returned by MakeMask or constant) and saves the corresponding list of string constants in rights.

Get (filename, \%permissions) 

Gets the access control list for filename (or directory) and saves in the specified permissions hash.

MakeMask (stringlist) 

Takes a list of permission string constants and returns the bitmask.

Set (filename, \%permissions) 

Sets the access control list for the given filename (or directory) to the settings in the specified permissionshash.