Windows create file readable by other users

RivenSkaye · May 19, 2025, 1:44pm

I'm trying to create a file (if it doesn't exist) on Windows - so far, so good. But I'd like that file to be readable by everyone else. And that last bit is where I'm hitting a snag. I'd like to create a file in ~~a public location (e.g. %PUBLIC%/shared_info.txt)~~ a location that other users can at least see; not all that different from log files. Which seems like it should be basic multi-user system functionality?

Looking at OpenOptionsExt and the MS docs it links, I can set the permissions for other processes (presumably under the same user) while I hold the handle. But I can't find anything about managing user permissions. There's an old crate windows-permissions but the docs seem to imply it's only for reading permissions similar to e.g. faccess.

Is there any way to manage user permissions on Windows short of hacking something together myself over the windows crate?

edit: Turns out the example %PUBLIC% causes inheritance of the file being created - if it's initially created there. The MS docs on ACLs only say it's possible to inherit. So I figured I'd just run icacls as a subprocess to make it happen. And then ss64 had some great news

By default, an object will inherit permissions from its parent object, either at the time of creation or when it is copied or moved. The only exception to this rule occurs when you move an object to a different folder on the same volume.

That said, I would still like to mangle permissions if possible, so consider the question still open

Redglyph · May 19, 2025, 4:33pm

Is it what you need? It seems someone else had the same issue and proposed an ACP, which was accepted (I'm not sure it includes those specific user permissions, though):

github.com/rust-lang/libs-team

Extend std::fs::Permissions on Windows

opened 01:54PM - 03 Jun 24 UTC

E-Mans-Application

T-libs-api api-change-proposal ACP-accepted

# Proposal ## Problem statement I need to set file attributes on Windows, …and I found it's exactly what `std::fs::set_permissions` does. However, struct `std::fs::Permissions` only exposes attribute `readonly`. I would also need to set other attributes, such as `FILE_ATTRIBUTE_SYSTEM` or `FILE_ATTRIBUTE_TEMPORARY`. On Linux, there is extension trait `std::os::unix::fs::PermissionsExt`, but it seems Windows has no such thing. The attributes given to `OpenOptions` are only applied to existing files if the files are open with `.create(true).truncate(true)`, which truncates the files. I need to get and set the attributes of an existing file, without changing its contents. ## Solution sketch An extension trait could be added on Windows to expose other attributes. This trait could also provide methods to convert `Permissions` from and to `u32`. In `std::sys::pal::windows::fs`, extend `impl FilePermissions`: ```rust impl FilePermissions { pub fn readonly(&self) -> bool { self.attrs & c::FILE_ATTRIBUTE_READONLY != 0 } pub fn set_readonly(&mut self, readonly: bool) { if readonly { self.attrs |= c::FILE_ATTRIBUTE_READONLY; } else { self.attrs &= !c::FILE_ATTRIBUTE_READONLY; } } pub fn system(&self) -> bool { self.attrs & c::FILE_ATTRIBUTE_SYSTEM != 0 } pub fn set_system(&mut self, system: bool) { if readonly { self.attrs |= c::FILE_ATTRIBUTE_SYSTEM; } else { self.attrs &= !c::FILE_ATTRIBUTE_SYSTEM; } } // ... // A macro could be used since all the functions will have the same structure pub fn to_u32(&self) -> u32 { self.attrs } fn from_u32(mask: u32) -> Self { // You may want to check the mask is correct and return an `Option` here, although `SetFileAttributes` seems to ignore invalid attributes. Self { attrs: mask } } } ``` In `std::os::windows::fs`: ```rust pub trait PermissionsExt { #[must_use] fn system(&self) -> bool; fn set_system(&mut self); #[must_use] fn temporary(&self) -> bool; fn set_temporary(&mut self); // Same for other attributes fn to_u32(&self) -> u32; fn from_u32(mask: u32) -> Self; } impl PermissionsExt for Permissions { // Delegates all to `as_inner` or `from_inner`, just like `PermissionsExt` is implemented on Unix. } ``` ## Alternatives Currently, I'm calling system API `SetFileAttributesW` directly, but this forces me to resort to unsafe code and to re-implement conversion from `Path` to `Vec<u16>` (with verbatim support for long paths), in a way that's probably less efficient than the standard library. Another possibility would be to compute the mask manually and to transmute the result to Permissions (which is basically a u32), but I don't like this solution because there is no guarantee that Permissions will remain equivalent to a u32 in the future. ## Links and related work Initial discussion: https://internals.rust-lang.org/t/extend-std-permissions-on-windows/20943

RivenSkaye · May 19, 2025, 6:46pm

Alas, those attributes are the ones controlling what other processes can do. They'd leave it accessible only to the creating user and processes run by elevated users like admins and system. Windows' alternative to user/group/world permissions seem to be per-user, per-group and predefined Everyone (localized name) permissions set with ACLs. And I can't find anything about manipulating those from Rust...

Redglyph · May 19, 2025, 7:16pm

Sorry for the misleading links, then. I've always found Windows' way of dealing with file access permissions quite obscure. I know there's a windows crate, which is maintained by someone at Microsoft, and there are some bits related to DACL (if that's even the correct entry point to managing file access), but it's big and not too well documented.

tornewuff · May 19, 2025, 7:53pm

In my experience it's extremely rare for any Windows program to actually modify the ACLs on the files it creates, and so this might just not be something anyone has made a nice library for.

The vast majority of files/directories on Windows systems have no ACL specified at all and just inherit the ACL of their parent, so permissions are often configured by human administrators somewhere near the "top level" and just get inherited by all the directories and files beneath, without any program ever needing to touch them.

If you want to set up a location that's readable to all the users on the system then most often that would be done manually by creating and setting a specific ACL on that directory and then just configuring whatever program is creating the data to output to that location.

carey · May 19, 2025, 10:26pm

The more useful Microsoft documentation is probably File Security and Access Rights - Win32 apps | Microsoft Learn, rather than the generic description of access control entries.

As I understand it, to work like icacls /grant:r, you would call ConvertStringSecurityDescriptorToSecurityDescriptorW to get a SECURITY_DESCRIPTOR, put that into a SECURITY_ATTRIBUTES struct, and call SetSecurityInfo to apply it to an open file handle or SetNamedSecurityInfo with a filename instead. You should also be able to use it with CreateFileW to do what you can’t with OpenOptions.

These Windows APIs are available in the windows crate with the Win32_Security_Authorization feature.

RivenSkaye · May 20, 2025, 5:26am

Yeah I think you're right. That's also the part of the initial question that was still unanswered (is there an ergonomic approach or do I roll my own) so I get to hack around I guess.

Exactly what I wanted to avoid for reproducible deployment reasons

Thanks a bunch for finding that. My browser was not handling search in those docs well at all!
And thanks for the other info as well, that is indeed more useful than looking into ACL documentation. Time to start another project

Topic		Replies	Views
Set_permissions not working help	4	249	June 17, 2024
Simple Permission Checks help	8	3698	January 12, 2023
Detect whether a fs::File object is writable? help	12	1140	December 21, 2023
File permission help	13	713	February 9, 2022
Windows "Permission Denied" Error When Trying to Write to a PHYSICALDRIVE help	3	264	March 27, 2025

Windows create file readable by other users

Related topics