Show the Owner of a File

In my most recent article in TechNet Magazine I wrote:

Unfortunately, icacls.exe can’t show you the owner of an object. There is no way to actually see, from the command line, who the owner of an object is. Furthermore, if you save the ACL for an object, it does not save the owner of the object.

As an author, I really hate it when, no matter how many times I seem to edit things, a statement that is unclear still slips through unchecked. The statement, as written, seems to indicate that there are no command line tools, in the universe of command line tools, that can show the owner of an object. Not only is that not the case, it wouldn't take more than a few lines of code to produce one. What I, unsuccessfully, was trying to say was this:

Unfortunately, icacls.exe can’t show you the owner of an object. There are, of course, other tools that can do that, including DIR /Q, but it would have been logical for icacls to include the ability to show who the owner of an object is. Furthermore, if you save the ACL for an object, it does not save the owner of the object.

As I said, there is DIR /Q, which is built in. There are also others that can do this:

  • My favorite tool: subinacl /file notepad.exe /display=owner
  • Chad pointed me to fileacl c:\test /owner

There are probably a lot more, but all I really want is for one tool to do it all (with a slightly less obscure syntax than subinacl, and built in).
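The "few lines of code" mentioned above could look like the following PowerShell function. It is an added example, not part of the original post or of any tool named in it; the function name Get-FileOwner and its output property names are assumptions made for illustration. It reports the owner of each file and also returns an SDDL string that includes the owner, which a saved ACL from icacls lacks.

```powershell
# Added example (hypothetical helper name): show who owns each file and
# capture an SDDL string that keeps the owner alongside the DACL.
function Get-FileOwner {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName)]
        [Alias('FullName')]
        [string[]]$Path
    )
    begin {
        # Ask for the owner (O:) and DACL (D:) parts of the descriptor.
        $sections = [System.Security.AccessControl.AccessControlSections]::Owner -bor
                    [System.Security.AccessControl.AccessControlSections]::Access
    }
    process {
        foreach ($p in $Path) {
            try {
                $acl = Get-Acl -LiteralPath $p -ErrorAction Stop
            } catch {
                Write-Warning "Cannot read the security descriptor of '$p': $($_.Exception.Message)"
                continue
            }
            $sid  = $acl.GetOwner([System.Security.Principal.SecurityIdentifier])
            $name = $null
            if ($sid) {
                # A SID whose account was deleted cannot be translated; keep the raw SID.
                try { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
                catch { $name = $null }
            }
            [pscustomobject]@{
                Path     = $p
                Owner    = $name
                OwnerSid = if ($sid) { $sid.Value } else { $null }
                Sddl     = $acl.GetSecurityDescriptorSddlForm($sections)
            }
        }
    }
}

# Constructed usage: one file by path, then a whole directory through the pipeline.
Get-FileOwner -Path "$env:windir\notepad.exe"
Get-ChildItem -LiteralPath 'C:\test' -File | Get-FileOwner | Format-Table Path, Owner
```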

The book, from which this article is an excerpt, is a bit clearer on this point, but I wish I had thought to clarify it further from the outset. Sorry about the confusion.

Published 02 July 2007 04:36 PM by jesper

Comments

# Aaron Margosis said on 02 July, 2007 11:52 PM

One of my favorites is objsd.exe, which ships in the companion content of Hunting Security Bugs:

www.microsoft.com/.../0-7356-2187-X

However, it needs to be updated for Vista, as it doesn't show the integrity label.
