public FileSystemSecurity GetSecurity(AccessControlSections sections) { lock (Lock) { DirectorySecurity security = new DirectorySecurity(); if ((sections & AccessControlSections.Owner) != 0) { security.SetOwner(_directory.Owner); } if ((sections & AccessControlSections.Group) != 0) { security.SetGroup(_directory.Group); } if ((sections & AccessControlSections.Access) != 0) { foreach (var r in _fileSystem.GetAccessRules(_directory)) { security.AddAccessRule( new FileSystemAccessRule(r.IdentityReference, r.FileSystemRights, r.InheritanceFlags, r.PropagationFlags, r.AccessControlType)); } } if ((sections & AccessControlSections.Audit) != 0) { foreach (var r in _fileSystem.GetAuditRules(_directory)) { security.AddAuditRule( new FileSystemAuditRule(r.IdentityReference, r.FileSystemRights, r.InheritanceFlags, r.PropagationFlags, r.AuditFlags)); } } return(security); } }
public static void CreateFolderSecurity(string path) { DirectorySecurity directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRuleProtection(true, false); //administrators IdentityReference adminId = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); directorySecurity.AddAccessRule(new FileSystemAccessRule(adminId, FileSystemRights.FullControl , InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); // set the owner and the group to admins directorySecurity.SetOwner(adminId); directorySecurity.SetGroup(adminId); string sDirPath; sDirPath = path; DirectoryInfo di = new DirectoryInfo(sDirPath); if (di.Exists == false) { di.Create(directorySecurity); } }
private RawSecurityDescriptor CreateSecurityDescriptor(IEnumerable <IdentityRights> allowRights, IEnumerable <IdentityRights> denyRights = null) { var security = new DirectorySecurity(); security.SetOwner(CurrentIdentity); security.SetGroup(Group); if (allowRights == null) { allowRights = Enumerable.Empty <IdentityRights>(); } if (denyRights == null) { denyRights = Enumerable.Empty <IdentityRights>(); } foreach (var right in allowRights) { security.AddAccessRule(new FileSystemAccessRule(right.Identity, right.Rights, AccessControlType.Allow)); } foreach (var right in denyRights) { security.AddAccessRule(new FileSystemAccessRule(right.Identity, right.Rights, AccessControlType.Deny)); } var binaryDescriptor = security.GetSecurityDescriptorBinaryForm(); return(new RawSecurityDescriptor(binaryDescriptor, 0)); }
static IpfsDokan() { var everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null); var everyoneRead = new FileSystemAccessRule(everyone, FileSystemRights.ReadAndExecute | FileSystemRights.ListDirectory, AccessControlType.Allow); readonlyFileSecurity.AddAccessRule(everyoneRead); readonlyFileSecurity.SetOwner(everyone); readonlyFileSecurity.SetGroup(everyone); readonlyDirectorySecurity.AddAccessRule(everyoneRead); readonlyDirectorySecurity.SetOwner(everyone); readonlyDirectorySecurity.SetGroup(everyone); }
public System.Security.AccessControl.DirectorySecurity GetDirectorySecurity(string path) { lock (lockThread) { Trace.WriteLine("Linux GetDirectorySecurity " + path); var ds = new DirectorySecurity(); ds.SetOwner(new SecurityIdentifier(GetAttr(path, "system.nt_sec_desc.owner"))); ds.SetGroup(new SecurityIdentifier(GetAttr(path, "system.nt_sec_desc.group"))); var acls = GetAttr(path, "system.nt_sec_desc.acl.*"); foreach (var acl in acls.Split(',')) { var part = acl.Split(':'); var part2 = part[1].Split('/'); var type = int.Parse(part2[0]); var flags = int.Parse(part2[1]); var access_mask = Convert.ToUInt32(part2[2], 16); ds.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(part[0]), (FileSystemRights)access_mask, (AccessControlType)type)); } return(ds); } }