Odd PowerShell Get-ACL permission translations


I have a PowerShell script that matches Get-Acl access control entries to standard Windows permissions using the access mask. Oddly, ACEs with "ReadAndExecute, Synchronize" seem to yield a permission of "FullControl". Here is the script:

    # Match current ACE permissions to regular permissions via access mask comparison (binary AND / -band)
    $acl = Get-Acl "C:\Program Files (x86)"
    $accesses = $acl.Access
    # Enumerate the current directory's access rights
    foreach ($access in $accesses) {
        $enumeration = $access.FileSystemRights
        $keys = @()
        # Red: raw -band result; green: values passing the filter; cyan: unique values kept
        # The green stage emits $_ again so the later stages receive input
        [System.Enum]::GetValues($enumeration.GetType()) |
            Where-Object { $enumeration -band $_; Write-Host ($enumeration -band $_) -ForegroundColor Red } |
            ForEach-Object { Write-Host -ForegroundColor Green $_; $_ } |
            Select-Object -Unique |
            ForEach-Object { Write-Host -ForegroundColor Cyan $_; $keys += $_ }
        $keys
    }

Perhaps I do not understand how to appropriately translate these access control entries. It seems odd to me that "Modify, Synchronize" would somehow end in a permission setting of "FullControl".

Also, if the script is run on your own system, note the rather messy debug format it portrays. The "0"s are the non-matching results of the binary "and". The green values are the resultant Windows permissions of ACEs that had matching access masks to the specified Windows permission (supposedly).

I hope I am not repeating a question; I've dug and haven't found an answer that explains this to me at my current level of understanding.

I have to credit PetSerAl for giving me the comment that led to the answer. It's been 2 days and the comment has not been provided in answer form, so I will self-answer.

The odd results I was seeing are the result of a "collision", so to speak, between the binary "and" operation intended to validate the permission and the permission type being tested against.

The initial value (permission) cannot be directly compared to the permission type being checked, as the objects are apparently incompatible. By running a binary AND on the permission value and the value being tested, it can be checked to see if the tested value is the permission being checked for. The reason is that the binary AND operation results in an object that can be directly tested.

After the binary AND has been completed, the result needs to be compared to the permission type passed to the binary "and" operator. Here is the modified code:

    # Match current ACE permissions to regular permissions via access mask comparison (binary AND / -band)
    $acl = Get-Acl "C:\Program Files (x86)"
    $accesses = $acl.Access
    # Enumerate the current directory's access rights
    foreach ($access in $accesses) {
        $enumeration = $access.FileSystemRights
        $keys = @()
        # A value matches only when every one of its bits is present in the ACE's mask
        # The green stage emits $_ again so the later stages receive input
        [System.Enum]::GetValues($enumeration.GetType()) |
            Where-Object { ($enumeration -band $_) -eq $_; Write-Host ($enumeration -band $_) -ForegroundColor Red } |
            ForEach-Object { Write-Host -ForegroundColor Green $_; $_ } |
            Select-Object -Unique |
            ForEach-Object { Write-Host -ForegroundColor Cyan $_; $keys += $_ }
        $keys
    }

This comparison will verify that the resultant permission value being checked and the type being checked against represent the value being checked, and not a collision of binary values resulting in a different permission altogether.

For example, "ReadAndExecute, Modify" when represented by $enumeration and ANDed with "FullControl" would result in "ReadAndExecute, Modify" - a collision. While "ReadAndExecute, Modify" is a valid permission, the check is to see whether or not the binary AND will result in "FullControl". The second check will verify that the result is "FullControl" and not some other valid permission type. The inability to compare without the "-band" operation leads to the addition of -eq $_ in the line Where-Object { ($enumeration -band $_) -eq $_ }
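
The two tests from the post side by side, as an added example that is not the poster's code: the function name `Compare-RightsTest` and the sample masks are constructed for illustration and need no directory on disk. It goes one step beyond the post by also reporting mask bits that no named `FileSystemRights` value covers, which is what a generic-rights ACE (here 0x10000000, GENERIC_ALL) looks like when audited.

```powershell
# Added example: compares "any shared bit" (-band only) with "all bits present" (-band ... -eq).
# Compare-RightsTest and the sample masks below are constructed for illustration.
function Compare-RightsTest {
    param([Parameter(Mandatory)][int] $Mask)

    $type = [System.Security.AccessControl.FileSystemRights]
    # Several names share one value (ReadData / ListDirectory), so work on unique integers.
    $values = [System.Enum]::GetValues($type) | ForEach-Object { [int]$_ } | Sort-Object -Unique

    # Loose test from the question: true as soon as one bit overlaps.
    $loose  = @($values | Where-Object { ($Mask -band $_) -ne 0 })
    # Strict test from the answer: true only when every bit of the candidate is set.
    $strict = @($values | Where-Object { ($Mask -band $_) -eq $_ })

    # Bits of the mask that the strictly matched names account for.
    $named = 0
    foreach ($v in $strict) { $named = $named -bor $v }

    [pscustomobject]@{
        Mask          = '0x{0:X8}' -f $Mask
        AnySharedBit  = ($loose  | ForEach-Object { [string]($_ -as $type) }) -join ' | '
        AllBitsSet    = ($strict | ForEach-Object { [string]($_ -as $type) }) -join ' | '
        # Non-zero here means the ACE carries bits the enum cannot name.
        UnnamedBits   = '0x{0:X8}' -f ($Mask -band (-bnot $named))
        OverReported  = @($loose | Where-Object { $strict -notcontains $_ }).Count
    }
}

# Constructed sample masks: the two combinations named in the question,
# plus a generic-rights value that has no FileSystemRights name.
$samples = @(
    [int][System.Security.AccessControl.FileSystemRights]'ReadAndExecute, Synchronize'
    [int][System.Security.AccessControl.FileSystemRights]'Modify, Synchronize'
    0x10000000
)

$samples | ForEach-Object { Compare-RightsTest -Mask $_ } | Format-List
```

When reviewing ACLs, a non-zero `OverReported` count shows how many rights the loose test would attribute to an ACE that does not actually grant them.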

