file_attributes.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>File Attributes in Windows with Go</title>
    <link rel="stylesheet" type="text/css" href="whitepaper.css" />
</head>

<body>

<div style="text-align: center;">
    <h1>Introduction</h1>
</div>
<p>
    I was looking around for an open-source, golang library that would read and set attributes on files when the
    golang app is running on Windows.  I found a few but none that really did what I wanted, so I wrote one.  What I
    needed was a library that would read a file's security information, stored in such a way that, if the file were
    removed, it could be restored with its original security context.  What that boils down to is the need to read the
    security information into a string that I could persist and later turn back into a security context I could
    restore.   In this article, we'll describe a small library I wrote to read and set file attributes on Windows.
</p>

<div style="text-align: center;">
    <h1>Overview</h1>
</div>
<p>
    Most of writing this library involved using golang's syscall package and figuring out how to marshal data
    between golang and the Windows security API functions.  Once you nail down some of the essentials, it's actually
    pretty straight forward.
</p>

<p>
    We'll start with a simple explanation of attaching Windows DLLs and finding function references.  We'll next
    discuss how to marshal strings, integers and structures between golang and Windows API functions,
    then conclude by explaining the library itself.
</p>

<div style="text-align: center;">
    <h2>Attaching DLLs and Locating Entry Points</h2>
</div>
<p>
    In the following code snippet, note the imports of syscall and unsafe.  In a nutshell, the syscall package allows
    for attaching DLLs (or shared libraries on unix-like systems), finding entry points, calling those entry points and
    marshalling data between golang and system libraries.  The unsafe package allows the use of golang data structures
    as pointers to buffers system library functions want to see.
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">import</span> (
	<span style="background-color: #fff0f0">&quot;syscall&quot;</span>
	<span style="background-color: #fff0f0">&quot;unicode/utf16&quot;</span>
	<span style="background-color: #fff0f0">&quot;unsafe&quot;</span>
)

<span style="color: #008800; font-weight: bold">var</span> (
	advapiLib, _                                           = syscall.LoadLibrary(<span style="background-color: #fff0f0">&quot;advapi32.dll&quot;</span>)
	setFileSecurity, _                                     = syscall.GetProcAddress(advapiLib, <span style="background-color: #fff0f0">&quot;SetFileSecurityW&quot;</span>)
	getNamedSecurityInfo, _                                = syscall.GetProcAddress(advapiLib, <span style="background-color: #fff0f0">&quot;GetNamedSecurityInfoW&quot;</span>)
	convertSidToStringSid, _                               = syscall.GetProcAddress(advapiLib, <span style="background-color: #fff0f0">&quot;ConvertSidToStringSidW&quot;</span>)
	convertSecurityDescriptorToStringSecurityDescriptor, _ = syscall.GetProcAddress(advapiLib, <span style="background-color: #fff0f0">&quot;ConvertSecurityDescriptorToStringSecurityDescriptorW&quot;</span>)
	convertStringSecurityDescriptorToSecurityDescriptor, _ = syscall.GetProcAddress(advapiLib, <span style="background-color: #fff0f0">&quot;ConvertStringSecurityDescriptorToSecurityDescriptorW&quot;</span>)
	kernel32Lib, _                                         = syscall.LoadLibrary(<span style="background-color: #fff0f0">&quot;Kernel32.dll&quot;</span>)
	localFree, _                                           = syscall.GetProcAddress(kernel32Lib, <span style="background-color: #fff0f0">&quot;LocalFree&quot;</span>)
)
</pre></td></tr></table></div>

<p>
    LoadLibrary, not surprisingly, maps a library into the golang process address space.  GetProcAddress finds the address
    of an API function in that newly-loaded library.  Good hygiene would dictate that you unload a library when you no
    longer need it, by calling syscall.FreeLibrary.  I didn't do anything in this library to unload a library,
    since the app I'm working on will always need them loaded.
</p>

<p>
    I also chose to use the &quot;wide&quot; versions of the DLL functions; those whose signature includes a capital W
    as the last character in the function name.  The wide versions of functions accept unicode text as string
    parameters.  I figured that gave me the most flexibility in file names.
</p>

<table border="1" cellspacing="2" cellpadding="5">
    <tr>
        <td>
            One thing worth noting is that the golang syscall library has a set of functions useful in Windows, like
            LocalFree().  I chose not to use some of them, because they're defined to accept a type that didn't match
            the data types I used to call the security API functions.  Here is
            <a href="https://golang.org/src/syscall/syscall_windows.go">a link to the golang-supplied Windows
                functions</a>.
        </td>
    </tr>
</table>

<div style="text-align: center;">
    <h2>The Library</h2>
</div>

<p>
    Our library has only 2 public functions...
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%">1
2</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> (attributes <span style="color: #333333">*</span>WidowsFileAttributes) GetSecurityDescriptor() (<span style="color: #008800; font-weight: bold">map</span>[<span style="color: #333399; font-weight: bold">string</span>]<span style="color: #333399; font-weight: bold">string</span>, <span style="color: #333399; font-weight: bold">error</span>)
<span style="color: #008800; font-weight: bold">func</span> (attributes <span style="color: #333333">*</span>WidowsFileAttributes) SetSecurityDescriptor(securityDescriptorString <span style="color: #333399; font-weight: bold">string</span>) <span style="color: #333399; font-weight: bold">error</span>
</pre></td></tr></table></div>


<br>Calling <pre>GetSecurityDescriptor()</pre> will return a map with 3 entries...

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%">1
2
3</pre></td><td><pre style="margin: 0; line-height: 125%">	ownerTag                            = <span style="background-color: #fff0f0">&quot;owner&quot;</span>
	groupTag                            = <span style="background-color: #fff0f0">&quot;group&quot;</span>
	daclTag                             = <span style="background-color: #fff0f0">&quot;dacl&quot;</span>
</pre></td></tr></table></div>

<br>The entry identified by <pre>daclTag</pre> is the string representation for the entire
<a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa374872(v=vs.85).aspx"> Discretionary Access Control
    List</a> (DACL) for the file.  It is this string you should use as the value when calling
<pre>SetSecurityDescriptor(securityDescriptorString string)</pre>

The other 2 map elements returned from a call to <pre>GetSecurityDescriptor()</pre> contain the string representation
of a file's owner and group <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379571(v=vs.85).aspx">
    Security Identifiers</a> (SID).

<div style="text-align: center;">
    <h3>Getting an Instance</h3>
</div>

<p>
    The library structure definition is pretty simple.  It just needs a file path...
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">type</span> WidowsFileAttributes <span style="color: #008800; font-weight: bold">struct</span> {
	windowsFileName []<span style="color: #333399; font-weight: bold">uint16</span>
}

<span style="color: #008800; font-weight: bold">func</span> NewWidowsFileAttributes(filePath <span style="color: #333399; font-weight: bold">string</span>) (<span style="color: #333333">*</span>WidowsFileAttributes, <span style="color: #333399; font-weight: bold">error</span>) {
	<span style="color: #008800; font-weight: bold">if</span> runtime.GOOS <span style="color: #333333">!=</span> <span style="background-color: #fff0f0">&quot;windows&quot;</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;WidowsFileAttributes only works on Windows&quot;</span>)
	}

	windowsFileName, err <span style="color: #333333">:=</span> syscall.UTF16FromString(filePath)

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;failed to convert %s to Windows equivalent&quot;</span>, filePath)
	}

	<span style="color: #008800; font-weight: bold">return</span> <span style="color: #333333">&amp;</span>WidowsFileAttributes{windowsFileName: windowsFileName}, <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<p>
    On line 10 above, we turn the golang string into a uint16 slice to represent the file path in its unicode
    representation for use with the wide version Windows DLL functions.
</p>

<a name="getSecurityDescriptor">
    <div style="text-align: center;">
        <h3>GetSecurityDescriptor</h3>
    </div>
</a>

<p>
    GetSecurityDescriptor() uses a call to the private function <a href="#securityInfo">securityInfo()</a> to retrieve
    the file DACL, owner and group IDs.  What we get back is a map of string to byte slice, where each map entry
    is part of a Windows <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379561(v=vs.85).aspx">
    SECURITY_DESCRIPTOR</a> structure.
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> (attributes <span style="color: #333333">*</span>WidowsFileAttributes) GetSecurityDescriptor() (<span style="color: #008800; font-weight: bold">map</span>[<span style="color: #333399; font-weight: bold">string</span>]<span style="color: #333399; font-weight: bold">string</span>, <span style="color: #333399; font-weight: bold">error</span>) {
	securityInfoMap, err <span style="color: #333333">:=</span> attributes.securityInfo()

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, err
	}

	securityDescriptor <span style="color: #333333">:=</span> securityInfoMap[securityDescriptorTag]

	<span style="color: #008800; font-weight: bold">if</span> securityDescriptor <span style="color: #333333">==</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;failed to get a security descriptor from a call to GetNamedSecurityInfoW&quot;</span>)
	}

	<span style="color: #008800; font-weight: bold">defer</span> freeWindowsSecurityDescriptor(securityDescriptor)

	securityDescriptorString, err <span style="color: #333333">:=</span> securityDescriptorString(securityDescriptor)

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, err
	}

	ownerSid <span style="color: #333333">:=</span> securityInfoMap[ownerTag]

	<span style="color: #008800; font-weight: bold">if</span> ownerSid <span style="color: #333333">==</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;failed to get owner sid from a call to GetNamedSecurityInfoW&quot;</span>)
	}

	ownerSidString, err <span style="color: #333333">:=</span> stringFromSid(ownerSid)

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, err
	}

	groupSid <span style="color: #333333">:=</span> securityInfoMap[groupTag]

	<span style="color: #008800; font-weight: bold">if</span> groupSid <span style="color: #333333">==</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;failed to get group sid from a call to GetNamedSecurityInfoW&quot;</span>)
	}

	groupSidString, err <span style="color: #333333">:=</span> stringFromSid(groupSid)

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, err
	}

	result <span style="color: #333333">:=</span> <span style="color: #007020">make</span>(<span style="color: #008800; font-weight: bold">map</span>[<span style="color: #333399; font-weight: bold">string</span>]<span style="color: #333399; font-weight: bold">string</span>)
	result[daclTag] = securityDescriptorString
	result[ownerTag] = ownerSidString
	result[groupTag] = groupSidString

	<span style="color: #008800; font-weight: bold">return</span> result, <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<p>
    On line 14 in the listing above, we make a call to freeWindowsSecurityDescriptor(), which is really just wrapping a
    call to the Windows API function LocalFree().  This is the place where I decided to make my own call, rather than
    use one the syscall library supplies, because what I have after calling <a href="#securityInfo">securityInfo()</a>
    is a byte slice, as opposed to the handle type the syscall library defines in its implementation of LocalFree().
</p>

<p>
    We first turn the file DACL into string we can store for later use in restoration.  We do so using a call to
    <a href="#securityDescriptorString">securityDescriptorString()</a>.
</p>

<p>
    We then turn the owner and group SIDs into strings, mostly just for display purposes, as the DACL structure
    contains the owner and group SIDs.  We do so with a call to <a href="#stringFromSid">stringFromSid()</a>.
</p>

<a name="securityInfo">
    <div style="text-align: center;">
        <h3>securityInfo</h3>
    </div>
</a>

<p>
    securityInfo() wraps a call to the Windows API function
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa446645(v=vs.85).aspx">GetNamedSecurityInfo</a>.
</p>
<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> (attributes <span style="color: #333333">*</span>WidowsFileAttributes) securityInfo() (<span style="color: #008800; font-weight: bold">map</span>[<span style="color: #333399; font-weight: bold">string</span>]<span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span>, <span style="color: #333399; font-weight: bold">error</span>) {
	<span style="color: #008800; font-weight: bold">if</span> <span style="color: #007020">len</span>(attributes.windowsFileName) <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;file name is not set&quot;</span>)
	}

	<span style="color: #008800; font-weight: bold">var</span> numArgs <span style="color: #333399; font-weight: bold">uintptr</span> = <span style="color: #0000DD; font-weight: bold">8</span>
	<span style="color: #008800; font-weight: bold">var</span> securityDescriptor <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span> = <span style="color: #008800; font-weight: bold">nil</span>
	<span style="color: #008800; font-weight: bold">var</span> ownerSid <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span> = <span style="color: #008800; font-weight: bold">nil</span>
	<span style="color: #008800; font-weight: bold">var</span> groupSid <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span> = <span style="color: #008800; font-weight: bold">nil</span>

	returnVal, _, callErr <span style="color: #333333">:=</span> syscall.Syscall9(
		<span style="color: #007020">uintptr</span>(getNamedSecurityInfo),
		numArgs,
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>attributes.windowsFileName[<span style="color: #0000DD; font-weight: bold">0</span>])),
		<span style="color: #007020">uintptr</span>(fileSecurityInfo),
		<span style="color: #007020">uintptr</span>(desiredSecurityInformation),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>ownerSid)),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>groupSid)),
		<span style="color: #007020">uintptr</span>(<span style="color: #0000DD; font-weight: bold">0</span>),
		<span style="color: #007020">uintptr</span>(<span style="color: #0000DD; font-weight: bold">0</span>),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>securityDescriptor)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">if</span> returnVal <span style="color: #333333">!=</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>, callErr
	}

	result <span style="color: #333333">:=</span> <span style="color: #007020">make</span>(<span style="color: #008800; font-weight: bold">map</span>[<span style="color: #333399; font-weight: bold">string</span>]<span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span>)

	result[securityDescriptorTag] = securityDescriptor
	result[ownerTag] = ownerSid
	result[groupTag] = groupSid

	<span style="color: #008800; font-weight: bold">return</span> result, <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<p>
    Here is where whe see a call into a Windows DLL for the first time.  On line 6 in the listing above, we see
    a variable declared as type uintptr, which is an integral type large enough to hold the bit pattern for any
    pointer.
</p>

<p>
    We make a call to syscall.Syscall9().  There are a number of functions in the syscall library that follow this
    naming pattern, where the trailing number indicates the maximum number of parameters we could pass to a DLL
    function.  You don't have to exactly match the number of parameters in the Syscall<i>X</i> function.  You indicate
    the number of parameters you are passing using the second parameter to the Syscall<i>X</i> functions, typed as
    a uintptr.  In this case, we're going to pass 8 parameters, so we declared <b>numArgs</b> (line 6 above) to be 8.
    Any parameters you won't be using you set to 0.
</p>

<p>
    The first parameter to the Syscall<i>X</i> function is the address of DLL function you want to call.  Recall that
    we got the address with a call to syscall.GetProcAddress().
</p>

<p>
    Each parameter we marshal to a function is also a uintptr.
    The first parameter GetNamedSecurityInfo() wants is the object name; the file name in this case.  The file name
    is a unicode string; a null-terminated sequence of unicode characters we have stored as a uint16 slice.  To get that
    series of characters marshaled, we get the address of the first byte in the slice.  On line 14 above, we reference
    that first byte as an unsafe.Pointer type; something that can point to the address of an instance of an arbitrary
    type.  The &quot;unsafe&quot; part of this is that a pointer to an arbitrary type bypasses golang's usual
    type checking.  Passing the address of a type whose size is different than the DLL function expects, or isn't really
    the address of a golang variable, will result in either a crash or passing gibberish.
</p>

<p>
    The next 2 values are the kind of object we want information about and the type of information we want.  The first of
    these (line 15 above) is an enumeration of type
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379593(v=vs.85).aspx">
    SE_OBJECT_TYPE</a> defined in the Windows API.  We want file information, which holds the enum value 1, so we pass
    a uint32 value of 1 housed in a uintptr.  uint32, because an enum type is a 32-bit integer in the Windows API.
</p>

<p>
    The next value (line 16 above) is a bit pattern of type
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379573(v=vs.85).aspx">SECURITY_INFORMATION</a>.
    Looking at Winnt.h, we see that the flags for the information we want are...
</p>

<a name="desiredSecurityInformation"></a>
<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%">1
2
3
4
5</pre></td><td><pre style="margin: 0; line-height: 125%">	ownerSecurityInformation     <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">1</span>
	groupSecurityInformation     <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">2</span>
	daclSecurityInformation      <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">4</span>
	attributeSecurityInformation <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">32</span>
	desiredSecurityInformation          = ownerSecurityInformation | groupSecurityInformation | daclSecurityInformation | attributeSecurityInformation
</pre></td></tr></table></div>

<p>
    Again, a uint32 value we wrap in a uintptr.
</p>

<p>
    On lines 17 and 18, we supply byte addresses that will be filled in with the owner and group SIDs.  These are just
    pointers to parts of the data structure allocated in the call to GetNamedSecurityInfo() and returned in the
    <b>ppSecurityDescriptor</b> field (line 21).  At some point, we'll need to free the memory the API function
    allocates by calling <a href="#freeWindowsSecurityDescriptor">freeWindowsSecurityDescriptor</a>
</p>

<p>
    Any of the syscall.SysCall() functions return 3 values.  The first 2 are the return values from the function you are
    calling.  GetNamedSecurityInfo() returns a DWORD, a 32-bit integer, of value ERROR_SUCCESS, defined as 0, if the
    call succeeds.  So, we look at this value to see if it's 0.  If not, the 3rd return value from syscall.SysCall()
    is basically what you would think of as errno.  This value is of type error and will hold the result of
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/ms679360(v=vs.85).aspx">
        GetLastError</a>.  If you print the error, you will see that it holds the formatted Windows error message.
</p>

<p>
    I haven't had the need to use the 2nd return value.
</p>

<p>
    If all is well, we fill in a map of string to byte pointer we can use to index into the owner or group SID or the
    SECURITY_DESCRIPTOR.
</p>

<a name="freeWindowsSecurityDescriptor">
    <div style="text-align: center;">
        <h3>freeWindowsSecurityDescriptor</h3>
    </div>
</a>

<p>
    This is a simple wrapper around a call to <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa366730(v=vs.85).aspx">
    LocalFree</a>, typed to be compatible with the uint16 pointer allocated in the call to
    GetNamedSecurityInfo().
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> freeWindowsSecurityDescriptor(securityDescriptor <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span>) <span style="color: #333399; font-weight: bold">uint32</span> {
	<span style="color: #008800; font-weight: bold">var</span> numArgs = <span style="color: #0000DD; font-weight: bold">1</span>

	returnVal, _, _ <span style="color: #333333">:=</span> syscall.Syscall(
		<span style="color: #007020">uintptr</span>(localFree),
		<span style="color: #007020">uintptr</span>(numArgs),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(securityDescriptor)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">return</span> <span style="color: #007020">uint32</span>(returnVal)
}
</pre></td></tr></table></div>


<a name="securityDescriptorString">
    <div style="text-align: center;">
        <h3>securityDescriptorString</h3>
    </div>
</a>

<p>
    securityDescriptorString() turns the byte array we get from a call to GetNamedSecurityInfo() into a string.  We
    can store that string and, later, turn it back into a SECURITY_DESCRIPTOR instance and set that rehydrated value
    on another file, most likely a file we create by copying the saved original back onto the file system.
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> securityDescriptorString(securityDescriptor <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span>) (<span style="color: #333399; font-weight: bold">string</span>, <span style="color: #333399; font-weight: bold">error</span>) {
	<span style="color: #008800; font-weight: bold">var</span> numArgs <span style="color: #333399; font-weight: bold">uintptr</span> = <span style="color: #0000DD; font-weight: bold">5</span>
	<span style="color: #008800; font-weight: bold">var</span> securityDescriptorUnicodeText <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">uint16</span> = <span style="color: #008800; font-weight: bold">nil</span>
	<span style="color: #008800; font-weight: bold">var</span> securityDescriptorUnicodeTextLen <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">0</span>

	<span style="color: #888888">// Turn the security descriptor into a string we can save for later restoration</span>
	returnVal, _, callErr <span style="color: #333333">:=</span> syscall.Syscall6(
		<span style="color: #007020">uintptr</span>(convertSecurityDescriptorToStringSecurityDescriptor),
		numArgs,
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(securityDescriptor)),
		<span style="color: #007020">uintptr</span>(sddlRevision),
		<span style="color: #007020">uintptr</span>(desiredSecurityInformation),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>securityDescriptorUnicodeText)),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>securityDescriptorUnicodeTextLen)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">if</span> returnVal <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="background-color: #fff0f0">&quot;&quot;</span>, fmt.Errorf(<span style="background-color: #fff0f0">&quot;call to ConvertSecurityDescriptorToStringSecurityDescriptor failed with error: %v&quot;</span>, callErr)
	}

	<span style="color: #008800; font-weight: bold">defer</span> freeWindowsUnicodeText(securityDescriptorUnicodeText)

	<span style="color: #008800; font-weight: bold">return</span> unicodeStringToString(securityDescriptorUnicodeText), <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<p>
    Basically, we wrap a call to <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376397(v=vs.85).aspx">
    ConvertSecurityDescriptorToStringSecurityDescriptor</a>.  We supply a pointer to the byte slice containing the
    SECURITY_DESCRIPTOR we got from the call to GetNamedSecurityInfo().
</p>

<p>
    We also need to specify the
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379567(v=vs.85).aspx">SDDL</a> revision, which,
    right now, is the constant SDDL_REVISION_1; a 32-bit integer whose value is 1.  The string we get back from
    ConvertSecurityDescriptorToStringSecurityDescriptor() is a Domain-Specific Language (DSL) used to reconstruct
    a SECURITY_DESCRIPTOR from a string.
</p>

<p>
    The <a href="#desiredSecurityInformation">desiredSecurityInformation</a> parameter is the same we used in the
    call to GetNamedSecurityInfo().
</p>

<p>
    On line 13, above we supply the address of uint16 pointer that gets filled in with the security descriptor string.
    What we get back from Windows is a unicode string, so we need to hand a value to a sequence of 16-bit values.  We'll
    eventually need to free the allocated memory with a call to <a href="#freeWindowsUnicodeText">freeWindowsUnicodeText</a>
</p>

<p>
    On line 14, we pass the address of a 32-bit integer that gets filled in with the security descriptor string length.
    I didn't need to use that value, but it was handy to have for debugging.
</p>

<p>
    The return value from ConvertSecurityDescriptorToStringSecurityDescriptor() is a BOOL, where 0 means false, so the
    logic for checking for an error is the reverse of checking for an error in a call to GetNamedSecurityInfo().
</p>

<p>
    We return the value of the unicode text, after having turned it into a golang string with a call to
    <a href="#unicodeStringToString">unicodeStringToString</a>.
</p>

<a name="freeWindowsUnicodeText">
    <div style="text-align: center;">
        <h3>freeWindowsUnicodeText</h3>
    </div>
</a>

<p>
    This is a simple wrapper around a call to <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa366730(v=vs.85).aspx">
    LocalFree</a>, typed to be compatible with the uint16 pointer allocated in the call to
    ConvertSecurityDescriptorToStringSecurityDescriptor().
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> freeWindowsUnicodeText(allocatedMemory <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">uint16</span>) <span style="color: #333399; font-weight: bold">uint32</span> {
	<span style="color: #008800; font-weight: bold">var</span> numArgs = <span style="color: #0000DD; font-weight: bold">1</span>

	returnVal, _, _ <span style="color: #333333">:=</span> syscall.Syscall(
		<span style="color: #007020">uintptr</span>(localFree),
		<span style="color: #007020">uintptr</span>(numArgs),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(allocatedMemory)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">return</span> <span style="color: #007020">uint32</span>(returnVal)
}
</pre></td></tr></table></div>

<a name="unicodeStringToString">
    <div style="text-align: center;">
        <h3>unicodeStringToString</h3>
    </div>
</a>

<p>
    This is a pretty simple function that puts each 2-byte, unicode (utf-16) character into a slice, until we see the terminating
    NULL.  Then we return a golang string we get from decoding the utf-16 character slice.
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> unicodeStringToString(unicodeString <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">uint16</span>) <span style="color: #333399; font-weight: bold">string</span> {
	<span style="color: #008800; font-weight: bold">if</span> unicodeString <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		unicodeStringSlice <span style="color: #333333">:=</span> <span style="color: #007020">make</span>([]<span style="color: #333399; font-weight: bold">uint16</span>, <span style="color: #0000DD; font-weight: bold">0</span>)
		<span style="color: #008800; font-weight: bold">for</span> unicodeStringCursor <span style="color: #333333">:=</span> <span style="color: #007020">uintptr</span>(unsafe.Pointer(unicodeString)); ; unicodeStringCursor <span style="color: #333333">+=</span> <span style="color: #0000DD; font-weight: bold">2</span> {
			unicodeCharacter <span style="color: #333333">:=</span> <span style="color: #333333">*</span>(<span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">uint16</span>)(unsafe.Pointer(unicodeStringCursor))
			<span style="color: #008800; font-weight: bold">if</span> unicodeCharacter <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
				<span style="color: #008800; font-weight: bold">return</span> <span style="color: #007020">string</span>(utf16.Decode(unicodeStringSlice))
			}
			unicodeStringSlice = <span style="color: #007020">append</span>(unicodeStringSlice, unicodeCharacter)
		}
	}
	<span style="color: #008800; font-weight: bold">return</span> <span style="background-color: #fff0f0">&quot;&quot;</span>
}
</pre></td></tr></table></div>

<a name="stringFromSid">
    <div style="text-align: center;">
        <h3>stringFromSid</h3>
    </div>
</a>

<p>
    This is a wrapper around <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376399(v=vs.85).aspx">ConvertSidToStringSid</a>
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> stringFromSid(sid <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span>) (<span style="color: #333399; font-weight: bold">string</span>, <span style="color: #333399; font-weight: bold">error</span>) {
	<span style="color: #008800; font-weight: bold">var</span> numArgs <span style="color: #333399; font-weight: bold">uintptr</span> = <span style="color: #0000DD; font-weight: bold">2</span>
	<span style="color: #008800; font-weight: bold">var</span> sidUnicodeText <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">uint16</span> = <span style="color: #008800; font-weight: bold">nil</span>

	returnVal, _, callErr <span style="color: #333333">:=</span> syscall.Syscall(
		<span style="color: #007020">uintptr</span>(convertSidToStringSid),
		numArgs,
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(sid)),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>sidUnicodeText)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">if</span> returnVal <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> <span style="background-color: #fff0f0">&quot;&quot;</span>, callErr
	}

	<span style="color: #008800; font-weight: bold">defer</span> freeWindowsUnicodeText(sidUnicodeText)

	<span style="color: #008800; font-weight: bold">return</span> unicodeStringToString(sidUnicodeText), <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<p>
    Here again, Windows allocates the SID string representation that must later be freed with a call to
    <a href="#freeWindowsUnicodeText">freeWindowsUnicodeText</a>.
</p>

<p>
    Like we did before, we return a <a href="#unicodeStringToString">golang string</a> constructed from the allocated utf-16 string.
</p>

<a name="setSecurityDescriptor">
    <div style="text-align: center;">
        <h3>SetSecurityDescriptor</h3>
    </div>
</a>

<p>
    The last thing we have to talk about is the inverse of <a href="#getSecurityDescriptor">GetSecurityDescriptor()</a>.
    There really isn't much new here, in terms of golang's use of syscall.  This function takes the string we get from
    GetSecurityDescriptor() and turns it back into a SID using a call to
    <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa376401(v=vs.85).aspx">ConvertStringSecurityDescriptorToSecurityDescriptor</a>.
    A call to <a href="https://msdn.microsoft.com/en-us/library/windows/desktop/aa379577(v=vs.85).aspx">SetFileSecurity</a>
    restores the security context to a file.
</p>

<div style="background: #ffffff; overflow:auto;width:auto;border:solid gray;border-width:.1em .1em .1em .8em;padding:.2em .6em;"><table><tr><td><pre style="margin: 0; line-height: 125%"> 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48</pre></td><td><pre style="margin: 0; line-height: 125%"><span style="color: #008800; font-weight: bold">func</span> (attributes <span style="color: #333333">*</span>WidowsFileAttributes) SetSecurityDescriptor(securityDescriptorString <span style="color: #333399; font-weight: bold">string</span>) <span style="color: #333399; font-weight: bold">error</span> {
	windowsSecurityDescriptorText, err <span style="color: #333333">:=</span> syscall.UTF16FromString(securityDescriptorString)

	<span style="color: #008800; font-weight: bold">if</span> err <span style="color: #333333">!=</span> <span style="color: #008800; font-weight: bold">nil</span> {
		<span style="color: #008800; font-weight: bold">return</span> fmt.Errorf(<span style="background-color: #fff0f0">&quot;failed to convert %s to Windows equivalent&quot;</span>, securityDescriptorString)
	}

	<span style="color: #008800; font-weight: bold">var</span> numArgs <span style="color: #333399; font-weight: bold">uintptr</span> = <span style="color: #0000DD; font-weight: bold">4</span>
	<span style="color: #008800; font-weight: bold">var</span> securityDescriptor <span style="color: #333333">*</span><span style="color: #333399; font-weight: bold">byte</span> = <span style="color: #008800; font-weight: bold">nil</span>
	<span style="color: #008800; font-weight: bold">var</span> securityDescriptorSize <span style="color: #333399; font-weight: bold">uint32</span> = <span style="color: #0000DD; font-weight: bold">0</span>

	returnVal, _, callErr <span style="color: #333333">:=</span> syscall.Syscall6(
		<span style="color: #007020">uintptr</span>(convertStringSecurityDescriptorToSecurityDescriptor),
		numArgs,
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>windowsSecurityDescriptorText[<span style="color: #0000DD; font-weight: bold">0</span>])),
		<span style="color: #007020">uintptr</span>(sddlRevision),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>securityDescriptor)),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>securityDescriptorSize)),
		<span style="color: #0000DD; font-weight: bold">0</span>,
		<span style="color: #0000DD; font-weight: bold">0</span>,
	)

	<span style="color: #008800; font-weight: bold">if</span> returnVal <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> fmt.Errorf(<span style="background-color: #fff0f0">&quot;call to ConvertStringSecurityDescriptorToSecurityDescriptor failed with error: %v&quot;</span>, callErr)
	}

	<span style="color: #008800; font-weight: bold">defer</span> freeWindowsSecurityDescriptor(securityDescriptor)

	numArgs = <span style="color: #0000DD; font-weight: bold">3</span>

	<span style="color: #008800; font-weight: bold">if</span> <span style="color: #007020">len</span>(attributes.windowsFileName) <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> fmt.Errorf(<span style="background-color: #fff0f0">&quot;file name is not set&quot;</span>)
	}

	returnVal, _, callErr = syscall.Syscall(
		<span style="color: #007020">uintptr</span>(setFileSecurity),
		numArgs,
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(<span style="color: #333333">&amp;</span>attributes.windowsFileName[<span style="color: #0000DD; font-weight: bold">0</span>])),
		<span style="color: #007020">uintptr</span>(desiredSecurityInformation),
		<span style="color: #007020">uintptr</span>(unsafe.Pointer(securityDescriptor)),
	)

	<span style="color: #008800; font-weight: bold">if</span> returnVal <span style="color: #333333">==</span> <span style="color: #0000DD; font-weight: bold">0</span> {
		<span style="color: #008800; font-weight: bold">return</span> fmt.Errorf(<span style="background-color: #fff0f0">&quot;call to SetFileSecurity failed with error: %v&quot;</span>, callErr)
	}

	<span style="color: #008800; font-weight: bold">return</span> <span style="color: #008800; font-weight: bold">nil</span>
}
</pre></td></tr></table></div>

<div style="text-align: center;">
    <h1>Wrapping Up</h1>
</div>

<p>
    So there you have it.  One last thing to mention is the web site that generated the code fragments in this
    document: <a href="http://hilite.me">hilite.me</a>.  It is most useful.
</p>

</body>
</html>