Ejemplo n.º 1
0
        static void CheckAccess(FileSystemInfo entry)
        {
            try
            {
                SecurityDescriptor sd = NtSecurity.FromNamedObject(@"\??\" + entry.FullName, "file");
                if (sd != null)
                {
                    bool is_dir = entry is DirectoryInfo;
                    uint granted_access;

                    if (is_dir && _dir_filter != 0)
                    {
                        granted_access = NtSecurity.GetAllowedAccess(_token, _type, _dir_filter, sd.ToByteArray());
                    }
                    else if (!is_dir && _file_filter != 0)
                    {
                        granted_access = NtSecurity.GetAllowedAccess(_token, _type, _file_filter, sd.ToByteArray());
                    }
                    else
                    {
                        granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
                    }

                    if (granted_access != 0)
                    {
                        // Now reget maximum access rights
                        if (_dir_filter != 0 || _file_filter != 0)
                        {
                            granted_access = NtSecurity.GetMaximumAccess(_token, _type, sd.ToByteArray());
                        }

                        if (!_show_write_only || _type.HasWritePermission(granted_access))
                        {
                            Console.WriteLine("{0}{1} : {2:X08} {3}", entry.FullName, is_dir ? "\\" : "", granted_access, AccessMaskToString(granted_access, is_dir));
                            if (_print_sddl)
                            {
                                Console.WriteLine("{0}", sd.ToSddl());
                            }
                        }
                    }
                }
            }
            catch (Exception)
            {
            }
        }