Boost :

From: Niall Douglas (s_sourceforge_at_[hidden])
Date: 2021-03-05 16:53:34

• Next message: Nikita Kniazev: "[build] Could not open a pull request"
• Previous message: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• In reply to: Peter Dimov: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• Next in thread: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• Reply: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"

On 05/03/2021 16:26, Peter Dimov via Boost wrote:

>> You can delete or rename open files on Windows just fine. It's just
>> std::ofstream opens files in a way where you can't.
>>
>> Another suggestion is that any decent Windows AV will not scan files
>> incapable of holding executable code for binary viruses. std::ofstream
>> opens files capable of holding executable code, so everything written to
>> them must be scanned deeply. If you instead create a file without
>> executability privileges, the AV should only scan for a small subset of
>> potential malcontent.
>
> Niall, your experience is deeply appreciated and your messages are very
> informative, but they would be even more useful if you actually say how
> things you describe are done. How should one open the file correctly so
> that it can be deleted and renamed while open, and has no executable
> privileges?

Everybody was reading the Microsoft API docs already, so I figured you
just follow what they tell you. But to summarise those docs:

Share mode needs to be FILE_SHARE_READ | FILE_SHARE_WRITE |
FILE_SHARE_DELETE and privs need to include DELETE if you want to be
able to delete and rename it when open. Use
https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-setfileinformationbyhandle
to do renames and deletes. For renames, use FILE_RENAME_INFO. For
marking and unmarking a file as delete-on-close, use
FILE_DISPOSITION_INFORMATION.

To create a file without executable in its ACL, probably the least
efficient, but easiest, way is using
ConvertStringSecurityDescriptorToSecurityDescriptor() to make a
SECURITY_DESCRIPTOR. You can create it once and reuse it however. Purely
off the top of my head, something like:

D:(A;;GRGW;;;AU)

... would grant Access of GenericRead GenericWrite to AuthenticatedUsers.

Obviously you'd need more than that, the default ACL within Users on
Windows is:

SYSTEM: Full Control
Administrators: Full Control
OWNER: Full control

So you'd want OWNER dropped to GRGW, and move OWNER to the top of the
ACL list so it gets matched before Administrators.

I hope this is more useful to you.

Niall

• Next message: Nikita Kniazev: "[build] Could not open a pull request"
• Previous message: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• In reply to: Peter Dimov: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• Next in thread: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"
• Reply: Nicholas Neumann: "Re: boost.log's text_multifile_backend is not performant on windows - perhaps it should be documented?"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk