Text file src/cmd/go/testdata/script/build_acl_windows.txt

     1  [!windows] stop
     2  [!exec:icacls] skip
     3  [!exec:powershell] skip
     4  
     5  # Create $WORK\guest and give the Guests group full access.
     6  # Files created within that directory will have different security attributes by default.
     7  mkdir $WORK\guest
     8  exec icacls $WORK\guest /grant '*S-1-5-32-546:(oi)(ci)f'
     9  
    10  env TMP=$WORK\guest
    11  env TEMP=$WORK\guest
    12  
    13  # Build a binary using the guest directory as an intermediate
    14  cd TestACL
    15  go build -o main.exe main.go
    16  # Build the same binary, but write it to the guest directory.
    17  go build -o $TMP\main.exe main.go
    18  
    19  # Read ACLs for the files.
    20  exec powershell -Command 'Get-Acl main.exe | Select -expand AccessToString'
    21  cp stdout $WORK\exe-acl.txt
    22  exec powershell -Command 'Get-Acl main.go | Select -expand AccessToString'
    23  cp stdout $WORK\src-acl.txt
    24  cd $TMP
    25  exec powershell -Command 'Get-Acl main.exe | Select -expand AccessToString'
    26  cp stdout $WORK\guest-acl.txt
    27  
    28  cd $WORK
    29  
    30  # The executable written to the source directory should have the same ACL as the source file.
    31  cmp $WORK\exe-acl.txt $WORK\src-acl.txt
    32  
    33  # The file written to the guest-allowed directory should give Guests control.
    34  grep 'BUILTIN\\Guests\s+Allow' $WORK\guest-acl.txt
    35  
    36  # The file written to the ordinary directory should not.
    37  ! grep 'BUILTIN\\Guests\s+Allow' $WORK\exe-acl.txt
    38  
    39  
    40  -- TestACL/go.mod --
    41  module TestACL
    42  -- TestACL/main.go --
    43  package main
    44  func main() {}
    45  

View as plain text