Explanation
Windows does not use traditional Unix permissions. Instead, Windows controls access to files and directories through access control. Each object has an ACL (Access Control List)* which controls access to the object.
Each ACL is basically a list of ACEs (Access Control Entries) which determine what access a specific trustee (user, group, etc.) is granted. For example, a file may contain an ACE granting a specific user read access (GENERIC_READ
) to the file.
Manipulating ACLs and ACEs is done through the authorization functions in the Windows API.
* technically each object has two ACLs - a DACL and a SACL
Solution
Thankfully, learning all of these functions isn't necessary. I've put together a small Go package named "go-acl" that does all of the heavy-lifting and exposes a function named (what else?) Chmod
. Basic usage is as follows:
import "github.com/hectane/go-acl"
err := acl.Chmod("C:\\path\\to\\file.txt", 0755)
if err != nil {
panic(err)
}
Results
The Chmod()
function creates three ACEs in the file's ACL:
- one for the owner (
WinCreatorOwnerSid
)
- one for the group (
WinCreatorGroupSid
)
- one for everyone else (
WinWorldSid
)