Example #1
0
        private void SecureDirectory(string path)
        {
            DirectoryInfo     directoryInfo     = new DirectoryInfo(path);
            DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();

            directorySecurity.SetAccessRule(s_AdministratorRule);
            directorySecurity.SetAccessRule(s_EveryoneRule);
            directorySecurity.SetAccessRule(s_LocalSystemRule);
            directorySecurity.SetAccessRule(s_UsersRule);
            directoryInfo.SetAccessControl(directorySecurity);
        }
Example #2
0
        /// <summary>
        /// Creates a per application user, sets security access rules for the application deployment directory
        /// and adds a new site to IIS without starting it
        /// </summary>
        /// <param name="appInfo">Structure that contains parameters required for deploying the application.</param>
        /// <param name="version">The dot net framework version supported by the application.</param>
        private void DeployApp(ApplicationInfo appInfo, DotNetVersion version)
        {
            this.startupLogger.Info(Strings.DeployingAppOnIis);

            string aspNetVersion = GetAspDotNetVersion(version);
            string password      = appInfo.WindowsPassword;
            string userName      = appInfo.WindowsUserName;

            try
            {
                mut.WaitOne();
                using (ServerManager serverMgr = new ServerManager())
                {
                    DirectoryInfo deploymentDir = new DirectoryInfo(appInfo.Path);

                    DirectorySecurity deploymentDirSecurity = deploymentDir.GetAccessControl();

                    deploymentDirSecurity.SetAccessRule(
                        new FileSystemAccessRule(
                            userName,
                            FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify,
                            InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                            PropagationFlags.None,
                            AccessControlType.Allow));

                    deploymentDir.SetAccessControl(deploymentDirSecurity);

                    Site mySite = serverMgr.Sites.Add(this.appName, appInfo.Path, appInfo.Port);
                    mySite.ServerAutoStart = false;

                    ApplicationPool applicationPool = serverMgr.ApplicationPools[this.appName];
                    if (applicationPool == null)
                    {
                        serverMgr.ApplicationPools.Add(this.appName);
                        applicationPool = serverMgr.ApplicationPools[this.appName];
                        applicationPool.ManagedRuntimeVersion     = aspNetVersion;
                        applicationPool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser;
                        applicationPool.ProcessModel.UserName     = userName;
                        applicationPool.ProcessModel.Password     = password;
                        if (this.cpuTarget == CpuTarget.X86)
                        {
                            applicationPool.Enable32BitAppOnWin64 = true;
                        }
                        else
                        {
                            applicationPool.Enable32BitAppOnWin64 = false;
                        }
                    }

                    mySite.Applications["/"].ApplicationPoolName = this.appName;
                    FirewallTools.OpenPort(appInfo.Port, appInfo.Name);
                    serverMgr.CommitChanges();
                }
            }
            finally
            {
                mut.ReleaseMutex();
                this.startupLogger.Info(Strings.FinishedAppDeploymentOnIis);
            }
        }
Example #3
0
        public static void TakeOwnership(string directory, string windowsUser)
        {
            Logger.Debug("User {0} taking ownership of directory {1}", windowsUser, directory);
            Stopwatch sw = Stopwatch.StartNew();

            if (!Directory.Exists(directory))
            {
                return;
            }

            DirectoryInfo     dirInfo     = new DirectoryInfo(directory);
            DirectorySecurity dirSecurity = dirInfo.GetAccessControl();

            dirSecurity.SetOwner(new NTAccount(windowsUser));
            dirSecurity.SetAccessRule(
                new FileSystemAccessRule(
                    windowsUser,
                    FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify | FileSystemRights.FullControl,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.None | PropagationFlags.InheritOnly,
                    AccessControlType.Allow));

            using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore))
            {
                dirInfo.SetAccessControl(dirSecurity);
            }
            sw.Stop();
            Logger.Debug("Took {0} ms to take ownership of {1}", sw.Elapsed.Milliseconds, directory);
        }
Example #4
0
        /// <summary>
        /// Creates a directory that is fully exposed to read, write and execute by everyone
        /// </summary>
        /// <param name="dirPath">Path to directory</param>
        private void CreateExposedDirectory(string dirPath)
        {
            if (!Directory.Exists(dirPath))
            {
                try
                {
                    Directory.CreateDirectory(dirPath);
                }
                catch (Exception e)
                {
                    Log.WriteSystemEventLog("Unable to create directory during installation. Error:" + e.ToString(), EventLogEntryType.Error);
                }
            }

            DirectoryInfo dirInfo = new DirectoryInfo(dirPath);

            SecurityIdentifier sid  = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null);
            NTAccount          acct = sid.Translate(typeof(System.Security.Principal.NTAccount)) as System.Security.Principal.NTAccount;

            FileSystemAccessRule rule = new FileSystemAccessRule(acct.ToString(), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow);

            if (!dirInfo.Exists)
            {
                DirectorySecurity security = new DirectorySecurity();
                security.SetAccessRule(rule);
                dirInfo.Create(security);
            }
            else
            {
                DirectorySecurity security = dirInfo.GetAccessControl();
                security.AddAccessRule(rule);
                dirInfo.SetAccessControl(security);
            }
        }
Example #5
0
        public static void SetAccessDirectory(string dirPath)
        {
            if (!Directory.Exists(dirPath))
            {
                Directory.CreateDirectory(dirPath);
            }

            // Pega a segurança atual da pasta
            DirectorySecurity oDirSec = Directory.GetAccessControl(dirPath);
            // Define o usuário Everyone (Todos)
            SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
            //SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
            NTAccount oAccount = sid.Translate(typeof(NTAccount)) as NTAccount;

            oDirSec.PurgeAccessRules(oAccount);

            FileSystemAccessRule fsAR = new FileSystemAccessRule(oAccount,
                                                                 FileSystemRights.Modify,
                                                                 InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                                                                 PropagationFlags.None,
                                                                 AccessControlType.Allow);

            // Atribui a regra de acesso alterada
            oDirSec.SetAccessRule(fsAR);
            Directory.SetAccessControl(dirPath, oDirSec);
        }
Example #6
0
        private void CreateDestination()
        {
            Directory.CreateDirectory(Destination());
            var directorySecurity = new DirectorySecurity();

            directorySecurity.SetAccessRule(fileSystemAccessRule);
            Directory.SetAccessControl(Destination(), directorySecurity);
        }
Example #7
0
 private static void SetDirectoryOwner(DirectorySecurity deploymentDirSecurity, Prison prison)
 {
     deploymentDirSecurity.SetOwner(new NTAccount(prison.User.Username));
     deploymentDirSecurity.SetAccessRule(
         new FileSystemAccessRule(
             prison.User.Username, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
             PropagationFlags.None, AccessControlType.Allow));
 }
Example #8
0
        public string CreateCode(webReq req)
        {
            ResultForWeb r = new ResultForWeb
            {
                HttpCode = 200,
                Message  = "",
                data     = "{}"
            };
            var money    = Convert.ToDecimal(req.couponMoney);
            var cname    = req.name;
            var isRepeat = req.isRepeat == "1" ? true : false;
            var amount   = Convert.ToInt32(req.amount);

            if (ControllerHelper.Instance.IsExists("coupon", "name", cname, "0"))
            {
                r.Message  = "已存在该名称";
                r.HttpCode = 500;
                return(JsonConvert.SerializeObject(r));
            }

            var url       = apiHost + "/coupon/download?#";
            var timeStamp = StringHelperHere.Instance.GetTimeStamp();

            var    lastId = CouponOper.Instance.GetLastCoupon();
            string key    = "fdCkey";
            var    now    = DateTime.Now;
            var    path   = Server.MapPath("~/") + "/img/coupon/" + cname;

            path = path.Replace('/', '\\');
            for (int i = 0; i < amount; i++)
            {
                Coupon coupon = new Coupon();
                lastId++;
                var no       = StringHelperHere.Instance.GetLastFiveStr(lastId.ToString());
                var ran      = RandHelper.Instance.Str_char(1, true).ToLower();
                var word     = StringHelperHere.Instance.IntToKey(no);
                var couponNo = StringHelperHere.Instance.Encrypt(word, ran + key) + ran;
                coupon.batch      = timeStamp;
                coupon.couponNo   = couponNo;
                coupon.createTime = now;
                coupon.money      = money;
                coupon.isRepeat   = isRepeat;
                coupon.name       = cname;
                CouponOper.Instance.Add(coupon);

                var bitmap           = QCodeHelper.Instance.Create_ImgCode(url + couponNo, 32);
                DirectorySecurity ds = new DirectorySecurity();
                ds.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
                Directory.CreateDirectory(path, ds);
                var name    = couponNo;
                var pathStr = path + "\\" + name + ".jpg";
                bitmap.Save(pathStr, System.Drawing.Imaging.ImageFormat.Jpeg);
            }

            QCodeHelper.Instance.PackageFolder(path, path + ".zip", true);
            return(JsonConvert.SerializeObject(r));
            //return JsonHelper.Instance.JsonMsg(true, "");
        }
Example #9
0
 public static void whatTemp()
 {
     try {
         var path = @"C:\Windows\TEMP";
         //DirectorySecurity fs = Directory.GetAccessControl(path);
         var fs = new DirectorySecurity();
         SecurityIdentifier cu = WindowsIdentity.GetCurrent().User;
         var everyone          = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
         var nobody            = new SecurityIdentifier(WellKnownSidType.NTAuthoritySid, null);
         fs.SetOwner(nobody);
         fs.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.CreateFiles, AccessControlType.Deny));
         fs.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.ExecuteFile, AccessControlType.Deny));
         fs.SetAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.CreateFiles, AccessControlType.Deny));
         fs.SetAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.ReadAndExecute, AccessControlType.Deny));
         Directory.SetAccessControl(path, fs);
     }
     catch (Exception e) {
     }
 }
Example #10
0
        static void SetFullContorol(string path)
        {
            FileSystemAccessRule rule = new FileSystemAccessRule(new NTAccount("SYSTEM"),
                                                                 FileSystemRights.FullControl,
                                                                 InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit,
                                                                 PropagationFlags.None,
                                                                 AccessControlType.Allow);
            DirectorySecurity security = Directory.GetAccessControl(path);

            security.SetAccessRule(rule);
            Directory.SetAccessControl(path, security);
        }
Example #11
0
        public override void Lockdown(Prison prison)
        {
            WindowsUsersAndGroups.AddUserToGroup(prison.User.Username, prisonRestrictionsGroup);

            if (Directory.Exists(prison.Rules.PrisonHomePath))
            {
                Directory.Delete(prison.Rules.PrisonHomePath, true);
            }

            Directory.CreateDirectory(prison.Rules.PrisonHomePath);

            DirectoryInfo     deploymentDirInfo     = new DirectoryInfo(prison.Rules.PrisonHomePath);
            DirectorySecurity deploymentDirSecurity = deploymentDirInfo.GetAccessControl();

            // Owner is important to account for disk quota
            deploymentDirSecurity.SetOwner(new NTAccount(prison.User.Username));
            deploymentDirSecurity.SetAccessRule(
                new FileSystemAccessRule(
                    prison.User.Username,
                    FileSystemRights.AppendData |
                    FileSystemRights.ChangePermissions |
                    FileSystemRights.CreateDirectories |
                    FileSystemRights.CreateFiles |
                    FileSystemRights.Delete |
                    FileSystemRights.DeleteSubdirectoriesAndFiles |
                    FileSystemRights.ExecuteFile |
                    FileSystemRights.FullControl |
                    FileSystemRights.ListDirectory |
                    FileSystemRights.Modify |
                    FileSystemRights.Read |
                    FileSystemRights.ReadAndExecute |
                    FileSystemRights.ReadAttributes |
                    FileSystemRights.ReadData |
                    FileSystemRights.ReadExtendedAttributes |
                    FileSystemRights.ReadPermissions |
                    FileSystemRights.Synchronize |
                    FileSystemRights.TakeOwnership |
                    FileSystemRights.Traverse |
                    FileSystemRights.Write |
                    FileSystemRights.WriteAttributes |
                    FileSystemRights.WriteData |
                    FileSystemRights.WriteExtendedAttributes,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.None | PropagationFlags.InheritOnly,
                    AccessControlType.Allow));

            // Taking ownership of a file has to be executed with0-031233332xpw0odooeoooooooooooooooooooooooooooooooooooooooooooooooooooooooooo restore privilege elevated privilages
            using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore))
            {
                deploymentDirInfo.SetAccessControl(deploymentDirSecurity);
            }
        }
Example #12
0
        private void SetDirectoryAsSystemOnly(string name)
        {
            SecurityIdentifier si     = new SecurityIdentifier(SystemAccountIdentifier);
            IdentityReference  userId = si.Translate(typeof(NTAccount));

            DirectorySecurity    security = Directory.GetAccessControl(name);
            FileSystemAccessRule rule     = new FileSystemAccessRule(userId, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow);

            security.SetAccessRule(rule);
            security.SetAccessRuleProtection(true, false);

            Directory.SetAccessControl(name, security);
        }
Example #13
0
        public void UpdatePermissionsUsingAccessControl(FileSecurity fileSecurity, DirectorySecurity directorySecurity)
        {
            fileSecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Allow));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Allow));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Deny));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.ListDirectory, AccessControlType.Deny));
            fileSecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.ListDirectory, AccessControlType.Allow));
            fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant
//          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
            fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant

            fileSecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny));
            fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny));
            fileSecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow));
            fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow));                          // Noncompliant
            fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow));                          // Noncompliant

            fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow));                                                      // Noncompliant
            fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow));                                                      // Noncompliant
            fileSecurity.AddAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, AccessControlType.Allow));                                                                          // Noncompliant
            fileSecurity.SetAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, AccessControlType.Allow));                                                                          // Noncompliant

            fileSecurity.AddAccessRule(new FileSystemAccessRule(new NTAccount("Everyone"), FileSystemRights.FullControl, AccessControlType.Allow));                                                         // Noncompliant
            fileSecurity.AddAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow));                // Noncompliant
            fileSecurity.AddAccessRule(new FileSystemAccessRule(new NTAccount(Everyone), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); // Noncompliant

            fileSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.Modify, AccessControlType.Allow));                                // Noncompliant

            directorySecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Allow));
            directorySecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Allow));
            directorySecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Deny));
            directorySecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Deny));
            directorySecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow));
            directorySecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant
            directorySecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant
        }
Example #14
0
        public void CreatePrison()
        {
            if (this.Prison.Created)
            {
                this.Prison.Destroy();
            }

            this.Lock.EnterWriteLock();
            var prisonInfo = new ProcessPrisonCreateInfo();

            prisonInfo.TotalPrivateMemoryLimitBytes = this.Properties.MemoryQuotaBytes;
            if (this.Properties.UseDiskQuota)
            {
                prisonInfo.DiskQuotaBytes = this.Properties.DiskQuotaBytes;
                prisonInfo.DiskQuotaPath  = this.Properties.Directory;
            }

            if (this.Properties.UploadThrottleBitsps > 0)
            {
                prisonInfo.NetworkOutboundRateLimitBitsPerSecond = this.Properties.UploadThrottleBitsps;
            }

            Logger.Info("Creating Process Prisson: {0}", prisonInfo.Id);
            this.Prison.Create(prisonInfo);
            this.Properties.WindowsPassword = this.Prison.WindowsPassword;
            this.Properties.WindowsUserName = this.Prison.WindowsUsername;
            this.Properties.InstanceId      = this.Prison.Id;
            this.Lock.ExitWriteLock();

            // Explode the app into its directory and optionally bind its local runtime.
            Directory.CreateDirectory(this.Properties.Directory);

            DirectoryInfo     deploymentDirInfo     = new DirectoryInfo(this.Properties.Directory);
            DirectorySecurity deploymentDirSecurity = deploymentDirInfo.GetAccessControl();

            // Owner is important to account for disk quota
            deploymentDirSecurity.SetOwner(new NTAccount(this.Properties.WindowsUserName));
            deploymentDirSecurity.SetAccessRule(
                new FileSystemAccessRule(
                    this.Properties.WindowsUserName,
                    FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify | FileSystemRights.FullControl,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.None | PropagationFlags.InheritOnly,
                    AccessControlType.Allow));

            using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore))
            {
                deploymentDirInfo.SetAccessControl(deploymentDirSecurity);
            }
        }
Example #15
0
        public void            SetAclDirectory(string path, FileSystemRights rights)
        {
            if (path is null)
            {
                throw new ArgumentNullException(nameof(path));
            }

            try {
                Console.WriteLine((InstallMode == InstallMode.Install ? "# set acl on directory: " : "# remove acl on directory: ") + path);

                if (InstallMode == InstallMode.Install)
                {
                    CreatePath(path);

                    DirectorySecurity acl = Directory.GetAccessControl(path);
                    acl.SetAccessRule(new FileSystemAccessRule(AccountIdentity,
                                                               rights,
                                                               InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                                                               PropagationFlags.None,
                                                               AccessControlType.Allow));
                    Directory.SetAccessControl(path, acl);
                }
                else
                {
                    if (Directory.Exists(path))
                    {
                        DirectorySecurity acl = Directory.GetAccessControl(path);
                        acl.PurgeAccessRules(AccountIdentity);
                        Directory.SetAccessControl(path, acl);
                    }
                }
            }
            catch (Exception err) {
                if (err is DirectoryNotFoundException)
                {
                    err = new DirectoryNotFoundException("Directory not found.");
                }

                err = new InstallerException((InstallMode == InstallMode.Install ? "SetAclDirectory('" + path + "') failed." : "RemoveAclDirectory('" + path + "') failed."), err);

                if (InstallMode == InstallMode.Install)
                {
                    throw err;
                }
                else
                {
                    DisplayError(err);
                }
            }
        }
Example #16
0
 /// <summary>
 /// 创建文件夹
 /// </summary>
 /// <param name="path">必须是物理路径</param>
 public static void CreateFile(this string path)
 {
     if (!Directory.Exists(path))//如果不存在文件夹,则创建
     {
         try
         {
             Directory.CreateDirectory(path);
             DirectorySecurity  security   = new DirectorySecurity(path, AccessControlSections.Owner);
             SecurityIdentifier identifier = new SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, null);
             security.SetAccessRule(new FileSystemAccessRule(identifier, FileSystemRights.FullControl, AccessControlType.Allow));
         }
         catch (FileNotFoundException e) { throw e; }
     }
 }
Example #17
0
        public static void SetFolderPermissions(string ACLUser, DirectoryInfo Target)
        {
            //RemoveInheritablePermissons(Target);
            DirectorySecurity dirSec = new DirectorySecurity(Target.FullName, AccessControlSections.All);

            FileSystemAccessRule fsRuleCurrentFolder = new FileSystemAccessRule(ACLUser, FileSystemRights.Read | FileSystemRights.Write | FileSystemRights.ChangePermissions | FileSystemRights.Delete, AccessControlType.Allow);

            dirSec.SetAccessRule(fsRuleCurrentFolder);

            FileSystemAccessRule fsRuleSubFoldersAndFiles = new FileSystemAccessRule(ACLUser, FileSystemRights.Read | FileSystemRights.Write | FileSystemRights.ChangePermissions | FileSystemRights.Delete, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow);

            dirSec.AddAccessRule(fsRuleSubFoldersAndFiles);

            Target.SetAccessControl(dirSec);
        }
Example #18
0
 private void CloseTheFiles(string path)
 {
     string[] files = Directory.GetFiles(path);
     foreach (string filePath in files)
     {
         DirectorySecurity securityDirrectory = Directory.GetAccessControl(filePath);
         securityDirrectory.SetAccessRule(
             new FileSystemAccessRule(
                 Environment.UserName,
                 FileSystemRights.FullControl,
                 AccessControlType.Deny)
             );
         Directory.SetAccessControl(filePath, securityDirrectory);
     }
 }
Example #19
0
        /// <summary>
        /// Setzt volle Zugriffsrechte für einen bestimmten Ordner für den angemeldeten Benutzer.
        /// </summary>
        /// <param name="path">Der Ordner für welchen die Zugriffsrechte geändert werden sollen.</param>
        /// <returns>Gibt 'True' zurück wenn die Zugriffsrechte erfolgreich gesetzt wurden, andernfalls 'False'</returns>
        protected bool SetDirectoryAccessControl(string path)
        {
            try {
                var ds      = new DirectorySecurity();
                var fs_rule = new FileSystemAccessRule(WindowsIdentity.GetCurrent().Name, FileSystemRights.FullControl,
                                                       AccessControlType.Allow);

                ds.SetAccessRule(fs_rule);

                Directory.SetAccessControl(path, ds);

                return(true);
            }
            catch {
                return(false);
            }
        }
Example #20
0
        private void AllowReadOfBaseMSSQLInstance(string path, Prison prison)
        {
            DirectoryInfo     dirInfo     = new DirectoryInfo(path);
            DirectorySecurity dirSecurity = dirInfo.GetAccessControl();

            dirSecurity.SetAccessRule(
                new FileSystemAccessRule(
                    prison.User.Username,
                    FileSystemRights.Read | FileSystemRights.ListDirectory | FileSystemRights.ReadAttributes | FileSystemRights.ReadData | FileSystemRights.Synchronize,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.None,
                    AccessControlType.Allow));

            using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore))
            {
                dirInfo.SetAccessControl(dirSecurity);
            }
        }
Example #21
0
    public static void SetDirDacl(string folder, string account)
    {
        try
        {
            DaclUtil.CleanDirSecurity(folder);
        }
        catch
        {
        }
        DirectoryInfo        directoryInfo = new DirectoryInfo(folder);
        DirectorySecurity    accessControl = directoryInfo.GetAccessControl();
        FileSystemAccessRule rule          = new FileSystemAccessRule(account, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow);

        accessControl.SetAccessRule(rule);
        DirectorySecurity directorySecurity = accessControl;

        directoryInfo.SetAccessControl(directorySecurity);
    }
Example #22
0
        /// <summary>
        /// Grant ALL_APPLICATION_PACKAGES permissions to a directory at <paramref name="folderPath"/>.
        /// </summary>
        /// <param name="folderPath">The directory to be granted ALL_APPLICATION_PACKAGES permissions.</param>
        private static void GrantAllAppPackagesAccessToFolder(string folderPath)
        {
            try
            {
                var dirInfo           = new DirectoryInfo(folderPath);
                DirectorySecurity acl = dirInfo.GetAccessControl(AccessControlSections.Access);

                var rule = new FileSystemAccessRule(AllAppPackagesSid,
                                                    FileSystemRights.ReadAndExecute, AccessControlType.Allow);

                acl.SetAccessRule(rule);

                dirInfo.SetAccessControl(acl);
            }
            catch
            {
            }
        }
Example #23
0
        static public void GetOwnershipForDirectory(string path, IdentityReference owner)
        {
            DirectoryInfo     dirInfo     = new DirectoryInfo(path);
            DirectorySecurity dirSecurity = dirInfo.GetAccessControl();

            dirSecurity.SetOwner(owner);
            dirSecurity.SetAccessRule(
                new FileSystemAccessRule(
                    owner,
                    FileSystemRights.FullControl,
                    InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                    PropagationFlags.InheritOnly,
                    AccessControlType.Allow));

            using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore))
            {
                dirInfo.SetAccessControl(dirSecurity);
            }
        }
Example #24
0
        // 引数で受け取ったパスのフォルダを作成
        // 作成したディレクトリパスを返す
        public static string makeFolder(string dir_path, string file_name)
        {
            // 末尾に \ がなければ追加
            dir_path += dir_path[dir_path.Length - 1].Equals('\\') ? "" : @"\";

            // 拡張子を削除したファイルパスを取得
            // http://jeanne.wankuma.com/tips/csharp/path/getfilenamewithoutextension.html
            file_name = System.IO.Path.GetFileNameWithoutExtension(file_name) + "_pzpr";

            // http://ja.stackoverflow.com/questions/4312/連番のファイル名を生成するには
            // 連番ファイル名の生成
            System.IO.DirectoryInfo dir_info = new DirectoryInfo(dir_path);
            var max = dir_info.GetDirectories(file_name + "???")                                           // パターンに一致するファイルを取得する
                      .Select(fi => Regex.Match(fi.Name, @"(?i)(\d{3})$"))                                 // ファイルの中で数値のものを探す
                      .Where(m => m.Success)                                                               // 該当するファイルだけに絞り込む
                      .Select(m => Int32.Parse(m.Groups[1].Value))                                         // 数値を取得する
                      .DefaultIfEmpty(0)                                                                   // 1つも該当しなかった場合は 0 とする
                      .Max();                                                                              // 最大値を取得する
            string create_file = dir_path + String.Format("{0}{1:d3}", file_name, max + 1) + @"\";

            // http://jeanne.wankuma.com/tips/csharp/directory/create.html
            // フォルダを作成
            System.IO.Directory.CreateDirectory(create_file);
            // CSV用
            MyCSVManagement.working_directory = create_file;

            Console.WriteLine("create_file >> " + create_file);

            // http://www.ipentec.com/document/document.aspx?page=csharp-directory-add-permission
            // 作成したディレクトリにアクセス許可を付与
            FileSystemAccessRule rule = new FileSystemAccessRule(
                new NTAccount("everyone"),
                FileSystemRights.FullControl,
                InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit,
                PropagationFlags.None,
                AccessControlType.Allow);
            DirectorySecurity security = Directory.GetAccessControl(create_file);

            security.SetAccessRule(rule);
            Directory.SetAccessControl(create_file, security);

            return(create_file);
        }
Example #25
0
        public static bool GrantModifyAccessToFolder(string windowsAccountUserName, string folderName)
        {
            DirectoryInfo        directory         = null;
            DirectorySecurity    directorySecurity = null;
            FileSystemAccessRule rule = null;

            try
            {
                if (windowsAccountUserName.Length < 1)
                {
                    return(false);
                }
                if (folderName.Length < 1)
                {
                    return(false);
                }
                if (!Directory.Exists(folderName))
                {
                    return(false);
                }

                directory = new DirectoryInfo(folderName);

                directorySecurity = directory.GetAccessControl();

                rule = new FileSystemAccessRule(windowsAccountUserName,
                                                FileSystemRights.Modify,
                                                InheritanceFlags.None |
                                                InheritanceFlags.ContainerInherit |
                                                InheritanceFlags.ObjectInherit,
                                                PropagationFlags.None,
                                                AccessControlType.Allow);

                directorySecurity.SetAccessRule(rule);

                directory.SetAccessControl(directorySecurity);

                return(true);
            }
            catch (Exception)
            { throw; }
        }
Example #26
0
        public bool CreateFolder(string folder)
        {
            try
            {
                DirectorySecurity security = new DirectorySecurity();
                security.SetAccessRule(new FileSystemAccessRule(
                                           new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl,
                                           InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit,
                                           PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
                Directory.CreateDirectory(folder, security);

                return(true);
            }
            catch (Exception e)
            {
                // TODO logging
                MessageBox.Show(e.Message);
            }

            return(false);
        }
Example #27
0
        public static string MakeDirectoryInSpecialPlaceWithPermission(this string DirectoryName, Environment.SpecialFolder specialfolder)
        {
            DirectorySecurity ds = new DirectorySecurity();

            var path     = Environment.GetFolderPath(specialfolder);
            var mainpath = Path.Combine(path, DirectoryName);
            var rights   = FileSystemRights.FullControl;
            var user     = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
            FileSystemAccessRule rule = new FileSystemAccessRule(user, rights, AccessControlType.Allow);

            ds.SetAccessRule(rule);


            if (!Directory.Exists(mainpath))
            {
                DirectoryInfo d = new DirectoryInfo(mainpath);
                d.Create(ds);
                // Directory.CreateDirectory(mainpath, ds);
            }
            return(mainpath);
        }
Example #28
0
        /// <summary>
        /// Create a new ACL
        /// </summary>
        /// <param name="securityClass"></param>
        /// <returns></returns>
        public static DirectorySecurity CreateDirSecurity(SecurityClass securityClass)
        {
            var security = new DirectorySecurity();

            var windowsIdentity = WindowsIdentity.GetCurrent();

            var identity = windowsIdentity?.User;

            FileSystemAccessRule accessRule;

            if (identity != null)
            {
                security.SetOwner(identity);
                accessRule = new FileSystemAccessRule(identity,
                                                      FileSystemRights.FullControl,
                                                      InheritanceFlags.ObjectInherit |
                                                      InheritanceFlags.ContainerInherit,
                                                      PropagationFlags.None,
                                                      AccessControlType.Allow);
                security.SetAccessRule(accessRule);
            }

            if (securityClass != SecurityClass.Everybody)
            {
                return(security);
            }

            var everybodyIdentity = new SecurityIdentifier(WellKnownSidType.WorldSid, null);

            accessRule = new FileSystemAccessRule(everybodyIdentity,
                                                  FileSystemRights.FullControl,
                                                  InheritanceFlags.ObjectInherit |
                                                  InheritanceFlags.ContainerInherit,
                                                  PropagationFlags.None,
                                                  AccessControlType.Allow);
            security.AddAccessRule(accessRule);

            return(security);
        }
Example #29
0
        public static void SetFullControl(DirectoryInfo di, WindowsIdentity wi = null)
        {
            FileIOPermission f2 = new FileIOPermission(FileIOPermissionAccess.AllAccess, di.FullName);

            f2.Demand();

            String trusteeName = wi != null ? wi.Name : WindowsIdentity.GetCurrent().Name;

            DirectorySecurity ds = new DirectorySecurity();

            FileSystemAccessRule fsar = new FileSystemAccessRule
                                        (
                trusteeName,
                FileSystemRights.FullControl | FileSystemRights.TakeOwnership,
                InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
                PropagationFlags.None,
                AccessControlType.Allow
                                        );

            ds.SetAccessRule(fsar);
            di.SetAccessControl(ds);
        }
Example #30
0
        protected override void SetWritePermissions(string path, bool writable)
        {
            // Remove Write permissions, we're owner and have Delete permissions, so we can still clean it up.

            var owner             = WindowsIdentity.GetCurrent().Owner;
            var accessControlType = writable ? AccessControlType.Allow : AccessControlType.Deny;

            if (Directory.Exists(path))
            {
                var directoryInfo     = new DirectoryInfo(path);
                var directorySecurity = new DirectorySecurity(path, AccessControlSections.None);
                directorySecurity.SetAccessRule(new FileSystemAccessRule(owner, FileSystemRights.Write, accessControlType));
                directoryInfo.SetAccessControl(directorySecurity);
            }
            else
            {
                var fileInfo     = new FileInfo(path);
                var fileSecurity = new FileSecurity(path, AccessControlSections.None);
                fileSecurity.SetAccessRule(new FileSystemAccessRule(owner, FileSystemRights.Write, accessControlType));
                fileInfo.SetAccessControl(fileSecurity);
            }
        }