static void CheckAccess(string full_path, NtFile entry)
{
try
{
if (!entry.IsAccessGranted(FileAccessRights.ReadControl))
{
return;
}
SecurityDescriptor sd = entry.SecurityDescriptor;
bool is_dir = entry.IsDirectory;
AccessMask granted_access;
if (is_dir && _dir_filter != 0)
{
granted_access = NtSecurity.GetAllowedAccess(_token, _type,
_dir_filter, sd.ToByteArray());
}
else if (!is_dir && _file_filter != 0)
{
granted_access = NtSecurity.GetAllowedAccess(_token, _type,
_file_filter, sd.ToByteArray());
}
else
{
granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
}
if (granted_access.HasAccess)
{
// Now reget maximum access rights
if (_dir_filter != 0 || _file_filter != 0)
{
granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
}
if (!_show_write_only || _type.HasWritePermission(granted_access))
{
Console.WriteLine("{0}{1} : {2:X08} {3}", full_path.TrimEnd('\\'),
is_dir ? "\\" : "", granted_access, AccessMaskToString(granted_access, is_dir));
if (_print_sddl)
{
Console.WriteLine("{0}", sd.ToSddl());
}
}
}
}
catch (NtException)
{
}
}
