static private SetSecurityInfo ( Microsoft.Win32.ResourceType type, string name, |
||
type | Microsoft.Win32.ResourceType | |
name | string | |
handle | ||
securityInformation | SecurityInfos | |
owner | System.Security.Principal.SecurityIdentifier | |
group | System.Security.Principal.SecurityIdentifier | |
sacl | ||
dacl | ||
Résultat | int |
private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext) { this.WriteLock(); try { SecurityInfos securityInformation = (SecurityInfos)0; SecurityIdentifier owner = (SecurityIdentifier)null; SecurityIdentifier group = (SecurityIdentifier)null; SystemAcl systemAcl = (SystemAcl)null; DiscretionaryAcl discretionaryAcl = (DiscretionaryAcl)null; if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None && this._securityDescriptor.Owner != (SecurityIdentifier)null) { securityInformation |= SecurityInfos.Owner; owner = this._securityDescriptor.Owner; } if ((includeSections & AccessControlSections.Group) != AccessControlSections.None && this._securityDescriptor.Group != (SecurityIdentifier)null) { securityInformation |= SecurityInfos.Group; group = this._securityDescriptor.Group; } if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None) { SecurityInfos securityInfos = securityInformation | SecurityInfos.SystemAcl; systemAcl = !this._securityDescriptor.IsSystemAclPresent || this._securityDescriptor.SystemAcl == null || this._securityDescriptor.SystemAcl.Count <= 0 ? (SystemAcl)null : this._securityDescriptor.SystemAcl; securityInformation = (this._securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == ControlFlags.None ? securityInfos | (SecurityInfos)this.UnprotectedSystemAcl : securityInfos | (SecurityInfos)this.ProtectedSystemAcl; } if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && this._securityDescriptor.IsDiscretionaryAclPresent) { SecurityInfos securityInfos = securityInformation | SecurityInfos.DiscretionaryAcl; discretionaryAcl = !this._securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl ? this._securityDescriptor.DiscretionaryAcl : (DiscretionaryAcl)null; securityInformation = (this._securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) == ControlFlags.None ? securityInfos | (SecurityInfos)this.UnprotectedDiscretionaryAcl : securityInfos | (SecurityInfos)this.ProtectedDiscretionaryAcl; } if (securityInformation == (SecurityInfos)0) { return; } int errorCode = Win32.SetSecurityInfo(this._resourceType, name, handle, securityInformation, owner, group, (GenericAcl)systemAcl, (GenericAcl)discretionaryAcl); if (errorCode != 0) { Exception exception = (Exception)null; if (this._exceptionFromErrorCode != null) { exception = this._exceptionFromErrorCode(errorCode, name, handle, exceptionContext); } if (exception == null) { if (errorCode == 5) { exception = (Exception) new UnauthorizedAccessException(); } else if (errorCode == 1307) { exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidOwner")); } else if (errorCode == 1308) { exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidGroup")); } else if (errorCode == 123) { exception = (Exception) new ArgumentException(Environment.GetResourceString("Argument_InvalidName"), "name"); } else if (errorCode == 6) { exception = (Exception) new NotSupportedException(Environment.GetResourceString("AccessControl_InvalidHandle")); } else if (errorCode == 2) { exception = (Exception) new FileNotFoundException(); } else if (errorCode == 1350) { exception = (Exception) new NotSupportedException(Environment.GetResourceString("AccessControl_NoAssociatedSecurity")); } else { exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_UnexpectedError", (object)errorCode)); } } throw exception; } this.OwnerModified = false; this.GroupModified = false; this.AccessRulesModified = false; this.AuditRulesModified = false; } finally { this.WriteUnlock(); } }
// // Attempts to persist the security descriptor onto the object // private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext) { WriteLock(); try { int error; SecurityInfos securityInfo = 0; SecurityIdentifier owner = null, group = null; SystemAcl sacl = null; DiscretionaryAcl dacl = null; if ((includeSections & AccessControlSections.Owner) != 0 && _securityDescriptor.Owner != null) { securityInfo |= SecurityInfos.Owner; owner = _securityDescriptor.Owner; } if ((includeSections & AccessControlSections.Group) != 0 && _securityDescriptor.Group != null) { securityInfo |= SecurityInfos.Group; group = _securityDescriptor.Group; } if ((includeSections & AccessControlSections.Audit) != 0) { securityInfo |= SecurityInfos.SystemAcl; if (_securityDescriptor.IsSystemAclPresent && _securityDescriptor.SystemAcl != null && _securityDescriptor.SystemAcl.Count > 0) { sacl = _securityDescriptor.SystemAcl; } else { sacl = null; } if ((_securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != 0) { securityInfo = (SecurityInfos)((uint)securityInfo | ProtectedSystemAcl); } else { securityInfo = (SecurityInfos)((uint)securityInfo | UnprotectedSystemAcl); } } if ((includeSections & AccessControlSections.Access) != 0 && _securityDescriptor.IsDiscretionaryAclPresent) { securityInfo |= SecurityInfos.DiscretionaryAcl; // if the DACL is in fact a crafted replaced for NULL replacement, then we will persist it as NULL if (_securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl) { dacl = null; } else { dacl = _securityDescriptor.DiscretionaryAcl; } if ((_securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) != 0) { securityInfo = unchecked ((SecurityInfos)((uint)securityInfo | ProtectedDiscretionaryAcl)); } else { securityInfo = (SecurityInfos)((uint)securityInfo | UnprotectedDiscretionaryAcl); } } if (securityInfo == 0) { // // Nothing to persist // return; } error = Win32.SetSecurityInfo(_resourceType, name, handle, securityInfo, owner, group, sacl, dacl); if (error != Interop.Errors.ERROR_SUCCESS) { System.Exception exception = null; if (_exceptionFromErrorCode != null) { exception = _exceptionFromErrorCode(error, name, handle, exceptionContext); } if (exception == null) { if (error == Interop.Errors.ERROR_ACCESS_DENIED) { exception = new UnauthorizedAccessException(); } else if (error == Interop.Errors.ERROR_INVALID_OWNER) { exception = new InvalidOperationException(SR.AccessControl_InvalidOwner); } else if (error == Interop.Errors.ERROR_INVALID_PRIMARY_GROUP) { exception = new InvalidOperationException(SR.AccessControl_InvalidGroup); } else if (error == Interop.Errors.ERROR_INVALID_NAME) { exception = new ArgumentException(SR.Argument_InvalidName, nameof(name)); } else if (error == Interop.Errors.ERROR_INVALID_HANDLE) { exception = new NotSupportedException(SR.AccessControl_InvalidHandle); } else if (error == Interop.Errors.ERROR_FILE_NOT_FOUND) { exception = new FileNotFoundException(); } else if (error == Interop.Errors.ERROR_NO_SECURITY_ON_OBJECT) { exception = new NotSupportedException(SR.AccessControl_NoAssociatedSecurity); } else { Debug.Fail($"Unexpected error code {error}"); exception = new InvalidOperationException(SR.Format(SR.AccessControl_UnexpectedError, error)); } } throw exception; } // // Everything goes well, let us clean the modified flags. // We are in proper write lock, so just go ahead // this.OwnerModified = false; this.GroupModified = false; this.AccessRulesModified = false; this.AuditRulesModified = false; } finally { WriteUnlock(); } }
private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext) { base.WriteLock(); try { SecurityInfos securityInfos = (SecurityInfos)0; SecurityIdentifier owner = null; SecurityIdentifier group = null; SystemAcl sacl = null; DiscretionaryAcl dacl = null; if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None && this._securityDescriptor.Owner != null) { securityInfos |= SecurityInfos.Owner; owner = this._securityDescriptor.Owner; } if ((includeSections & AccessControlSections.Group) != AccessControlSections.None && this._securityDescriptor.Group != null) { securityInfos |= SecurityInfos.Group; group = this._securityDescriptor.Group; } if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None) { securityInfos |= SecurityInfos.SystemAcl; if (this._securityDescriptor.IsSystemAclPresent && this._securityDescriptor.SystemAcl != null && this._securityDescriptor.SystemAcl.Count > 0) { sacl = this._securityDescriptor.SystemAcl; } else { sacl = null; } if ((this._securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != ControlFlags.None) { securityInfos |= (SecurityInfos)this.ProtectedSystemAcl; } else { securityInfos |= (SecurityInfos)this.UnprotectedSystemAcl; } } if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && this._securityDescriptor.IsDiscretionaryAclPresent) { securityInfos |= SecurityInfos.DiscretionaryAcl; if (this._securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl) { dacl = null; } else { dacl = this._securityDescriptor.DiscretionaryAcl; } if ((this._securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) != ControlFlags.None) { securityInfos |= (SecurityInfos)this.ProtectedDiscretionaryAcl; } else { securityInfos |= (SecurityInfos)this.UnprotectedDiscretionaryAcl; } } if (securityInfos != (SecurityInfos)0) { int num = Win32.SetSecurityInfo(this._resourceType, name, handle, securityInfos, owner, group, sacl, dacl); if (num != 0) { Exception ex = null; if (this._exceptionFromErrorCode != null) { ex = this._exceptionFromErrorCode(num, name, handle, exceptionContext); } if (ex == null) { if (num == 5) { ex = new UnauthorizedAccessException(); } else if (num == 1307) { ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidOwner")); } else if (num == 1308) { ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidGroup")); } else if (num == 123) { ex = new ArgumentException(Environment.GetResourceString("Argument_InvalidName"), "name"); } else if (num == 6) { ex = new NotSupportedException(Environment.GetResourceString("AccessControl_InvalidHandle")); } else if (num == 2) { ex = new FileNotFoundException(); } else if (num == 1350) { ex = new NotSupportedException(Environment.GetResourceString("AccessControl_NoAssociatedSecurity")); } else { ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_UnexpectedError", new object[] { num })); } } throw ex; } base.OwnerModified = false; base.GroupModified = false; base.AccessRulesModified = false; base.AuditRulesModified = false; } } finally { base.WriteUnlock(); } }