1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
use std::path::Path;
#[derive(PartialEq, Eq, Debug, Hash, Ord, PartialOrd, Clone)]
#[cfg_attr(feature = "serde1", derive(serde::Serialize, serde::Deserialize))]
pub struct Account {
pub username: String,
pub password: String,
}
pub fn is_path_owned_by_current_user(path: impl AsRef<Path>) -> std::io::Result<bool> {
impl_::is_path_owned_by_current_user(path)
}
#[cfg(not(windows))]
mod impl_ {
use std::path::Path;
pub fn is_path_owned_by_current_user(path: impl AsRef<Path>) -> std::io::Result<bool> {
fn owner_from_path(path: impl AsRef<Path>) -> std::io::Result<u32> {
use std::os::unix::fs::MetadataExt;
let meta = std::fs::symlink_metadata(path)?;
Ok(meta.uid())
}
fn owner_of_current_process() -> std::io::Result<u32> {
#[allow(unsafe_code)]
let uid = unsafe { libc::geteuid() };
Ok(uid)
}
Ok(owner_from_path(path)? == owner_of_current_process()?)
}
}
#[cfg(windows)]
mod impl_ {
use std::path::Path;
fn err(msg: impl Into<String>) -> std::io::Error {
std::io::Error::new(std::io::ErrorKind::Other, msg.into())
}
pub fn is_path_owned_by_current_user(path: impl AsRef<Path>) -> std::io::Result<bool> {
use windows::{
core::{Error, PCWSTR},
Win32::{
Foundation::{HANDLE, PSID},
Security::{
Authorization::{GetNamedSecurityInfoW, SE_FILE_OBJECT},
EqualSid, GetTokenInformation, TokenOwner, OWNER_SECURITY_INFORMATION, PSECURITY_DESCRIPTOR,
TOKEN_OWNER, TOKEN_QUERY,
},
System::{
Memory::LocalFree,
Threading::{GetCurrentProcess, OpenProcessToken},
},
},
};
let mut err_msg = None;
let mut is_owned = false;
let path = path.as_ref();
#[allow(unsafe_code)]
unsafe {
let mut folder_owner = PSID::default();
let mut pdescriptor = PSECURITY_DESCRIPTOR::default();
let result = GetNamedSecurityInfoW(
PCWSTR(to_wide_path(path).as_ptr()),
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION,
&mut folder_owner,
std::ptr::null_mut(),
std::ptr::null_mut(),
std::ptr::null_mut(),
&mut pdescriptor,
);
if result.is_ok() {
let mut token = HANDLE::default();
OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &mut token).ok()?;
let mut buffer_size = 0;
let mut buffer = Vec::<u8>::new();
GetTokenInformation(token, TokenOwner, std::ptr::null_mut(), 0, &mut buffer_size);
if buffer_size != 0 {
buffer.resize(buffer_size as usize, 0);
if GetTokenInformation(
token,
TokenOwner,
buffer.as_mut_ptr() as _,
buffer_size,
&mut buffer_size,
)
.as_bool()
{
let token_owner = buffer.as_ptr() as *const TOKEN_OWNER;
let token_owner = (*token_owner).Owner;
is_owned = EqualSid(folder_owner, token_owner).as_bool();
} else {
err_msg = format!(
"Couldn't get actual token information for current process with err: {}",
Error::from_win32()
)
.into();
}
} else {
err_msg = format!(
"Couldn't get token information size info for current process with err: {}",
Error::from_win32()
)
.into();
}
} else {
err_msg = format!(
"Couldn't get security information for path '{}' with err {}",
path.display(),
Error::from_win32()
)
.into();
}
LocalFree(pdescriptor.0 as isize);
}
err_msg.map(|msg| Err(err(msg))).unwrap_or(Ok(is_owned))
}
fn to_wide_path(path: impl AsRef<Path>) -> Vec<u16> {
use std::os::windows::ffi::OsStrExt;
let mut wide_path: Vec<_> = path.as_ref().as_os_str().encode_wide().collect();
wide_path.push(0);
wide_path
}
}
