private void SecureDirectory(string path) { DirectoryInfo directoryInfo = new DirectoryInfo(path); DirectorySecurity directorySecurity = directoryInfo.GetAccessControl(); directorySecurity.SetAccessRule(s_AdministratorRule); directorySecurity.SetAccessRule(s_EveryoneRule); directorySecurity.SetAccessRule(s_LocalSystemRule); directorySecurity.SetAccessRule(s_UsersRule); directoryInfo.SetAccessControl(directorySecurity); }
/// <summary> /// Creates a per application user, sets security access rules for the application deployment directory /// and adds a new site to IIS without starting it /// </summary> /// <param name="appInfo">Structure that contains parameters required for deploying the application.</param> /// <param name="version">The dot net framework version supported by the application.</param> private void DeployApp(ApplicationInfo appInfo, DotNetVersion version) { this.startupLogger.Info(Strings.DeployingAppOnIis); string aspNetVersion = GetAspDotNetVersion(version); string password = appInfo.WindowsPassword; string userName = appInfo.WindowsUserName; try { mut.WaitOne(); using (ServerManager serverMgr = new ServerManager()) { DirectoryInfo deploymentDir = new DirectoryInfo(appInfo.Path); DirectorySecurity deploymentDirSecurity = deploymentDir.GetAccessControl(); deploymentDirSecurity.SetAccessRule( new FileSystemAccessRule( userName, FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); deploymentDir.SetAccessControl(deploymentDirSecurity); Site mySite = serverMgr.Sites.Add(this.appName, appInfo.Path, appInfo.Port); mySite.ServerAutoStart = false; ApplicationPool applicationPool = serverMgr.ApplicationPools[this.appName]; if (applicationPool == null) { serverMgr.ApplicationPools.Add(this.appName); applicationPool = serverMgr.ApplicationPools[this.appName]; applicationPool.ManagedRuntimeVersion = aspNetVersion; applicationPool.ProcessModel.IdentityType = ProcessModelIdentityType.SpecificUser; applicationPool.ProcessModel.UserName = userName; applicationPool.ProcessModel.Password = password; if (this.cpuTarget == CpuTarget.X86) { applicationPool.Enable32BitAppOnWin64 = true; } else { applicationPool.Enable32BitAppOnWin64 = false; } } mySite.Applications["/"].ApplicationPoolName = this.appName; FirewallTools.OpenPort(appInfo.Port, appInfo.Name); serverMgr.CommitChanges(); } } finally { mut.ReleaseMutex(); this.startupLogger.Info(Strings.FinishedAppDeploymentOnIis); } }
public static void TakeOwnership(string directory, string windowsUser) { Logger.Debug("User {0} taking ownership of directory {1}", windowsUser, directory); Stopwatch sw = Stopwatch.StartNew(); if (!Directory.Exists(directory)) { return; } DirectoryInfo dirInfo = new DirectoryInfo(directory); DirectorySecurity dirSecurity = dirInfo.GetAccessControl(); dirSecurity.SetOwner(new NTAccount(windowsUser)); dirSecurity.SetAccessRule( new FileSystemAccessRule( windowsUser, FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify | FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None | PropagationFlags.InheritOnly, AccessControlType.Allow)); using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { dirInfo.SetAccessControl(dirSecurity); } sw.Stop(); Logger.Debug("Took {0} ms to take ownership of {1}", sw.Elapsed.Milliseconds, directory); }
/// <summary> /// Creates a directory that is fully exposed to read, write and execute by everyone /// </summary> /// <param name="dirPath">Path to directory</param> private void CreateExposedDirectory(string dirPath) { if (!Directory.Exists(dirPath)) { try { Directory.CreateDirectory(dirPath); } catch (Exception e) { Log.WriteSystemEventLog("Unable to create directory during installation. Error:" + e.ToString(), EventLogEntryType.Error); } } DirectoryInfo dirInfo = new DirectoryInfo(dirPath); SecurityIdentifier sid = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null); NTAccount acct = sid.Translate(typeof(System.Security.Principal.NTAccount)) as System.Security.Principal.NTAccount; FileSystemAccessRule rule = new FileSystemAccessRule(acct.ToString(), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow); if (!dirInfo.Exists) { DirectorySecurity security = new DirectorySecurity(); security.SetAccessRule(rule); dirInfo.Create(security); } else { DirectorySecurity security = dirInfo.GetAccessControl(); security.AddAccessRule(rule); dirInfo.SetAccessControl(security); } }
public static void SetAccessDirectory(string dirPath) { if (!Directory.Exists(dirPath)) { Directory.CreateDirectory(dirPath); } // Pega a segurança atual da pasta DirectorySecurity oDirSec = Directory.GetAccessControl(dirPath); // Define o usuário Everyone (Todos) SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null); //SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null); NTAccount oAccount = sid.Translate(typeof(NTAccount)) as NTAccount; oDirSec.PurgeAccessRules(oAccount); FileSystemAccessRule fsAR = new FileSystemAccessRule(oAccount, FileSystemRights.Modify, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow); // Atribui a regra de acesso alterada oDirSec.SetAccessRule(fsAR); Directory.SetAccessControl(dirPath, oDirSec); }
private void CreateDestination() { Directory.CreateDirectory(Destination()); var directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRule(fileSystemAccessRule); Directory.SetAccessControl(Destination(), directorySecurity); }
private static void SetDirectoryOwner(DirectorySecurity deploymentDirSecurity, Prison prison) { deploymentDirSecurity.SetOwner(new NTAccount(prison.User.Username)); deploymentDirSecurity.SetAccessRule( new FileSystemAccessRule( prison.User.Username, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); }
public string CreateCode(webReq req) { ResultForWeb r = new ResultForWeb { HttpCode = 200, Message = "", data = "{}" }; var money = Convert.ToDecimal(req.couponMoney); var cname = req.name; var isRepeat = req.isRepeat == "1" ? true : false; var amount = Convert.ToInt32(req.amount); if (ControllerHelper.Instance.IsExists("coupon", "name", cname, "0")) { r.Message = "已存在该名称"; r.HttpCode = 500; return(JsonConvert.SerializeObject(r)); } var url = apiHost + "/coupon/download?#"; var timeStamp = StringHelperHere.Instance.GetTimeStamp(); var lastId = CouponOper.Instance.GetLastCoupon(); string key = "fdCkey"; var now = DateTime.Now; var path = Server.MapPath("~/") + "/img/coupon/" + cname; path = path.Replace('/', '\\'); for (int i = 0; i < amount; i++) { Coupon coupon = new Coupon(); lastId++; var no = StringHelperHere.Instance.GetLastFiveStr(lastId.ToString()); var ran = RandHelper.Instance.Str_char(1, true).ToLower(); var word = StringHelperHere.Instance.IntToKey(no); var couponNo = StringHelperHere.Instance.Encrypt(word, ran + key) + ran; coupon.batch = timeStamp; coupon.couponNo = couponNo; coupon.createTime = now; coupon.money = money; coupon.isRepeat = isRepeat; coupon.name = cname; CouponOper.Instance.Add(coupon); var bitmap = QCodeHelper.Instance.Create_ImgCode(url + couponNo, 32); DirectorySecurity ds = new DirectorySecurity(); ds.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow)); Directory.CreateDirectory(path, ds); var name = couponNo; var pathStr = path + "\\" + name + ".jpg"; bitmap.Save(pathStr, System.Drawing.Imaging.ImageFormat.Jpeg); } QCodeHelper.Instance.PackageFolder(path, path + ".zip", true); return(JsonConvert.SerializeObject(r)); //return JsonHelper.Instance.JsonMsg(true, ""); }
public static void whatTemp() { try { var path = @"C:\Windows\TEMP"; //DirectorySecurity fs = Directory.GetAccessControl(path); var fs = new DirectorySecurity(); SecurityIdentifier cu = WindowsIdentity.GetCurrent().User; var everyone = new SecurityIdentifier(WellKnownSidType.WorldSid, null); var nobody = new SecurityIdentifier(WellKnownSidType.NTAuthoritySid, null); fs.SetOwner(nobody); fs.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.CreateFiles, AccessControlType.Deny)); fs.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.ExecuteFile, AccessControlType.Deny)); fs.SetAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.CreateFiles, AccessControlType.Deny)); fs.SetAccessRule(new FileSystemAccessRule(everyone, FileSystemRights.ReadAndExecute, AccessControlType.Deny)); Directory.SetAccessControl(path, fs); } catch (Exception e) { } }
static void SetFullContorol(string path) { FileSystemAccessRule rule = new FileSystemAccessRule(new NTAccount("SYSTEM"), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); DirectorySecurity security = Directory.GetAccessControl(path); security.SetAccessRule(rule); Directory.SetAccessControl(path, security); }
public override void Lockdown(Prison prison) { WindowsUsersAndGroups.AddUserToGroup(prison.User.Username, prisonRestrictionsGroup); if (Directory.Exists(prison.Rules.PrisonHomePath)) { Directory.Delete(prison.Rules.PrisonHomePath, true); } Directory.CreateDirectory(prison.Rules.PrisonHomePath); DirectoryInfo deploymentDirInfo = new DirectoryInfo(prison.Rules.PrisonHomePath); DirectorySecurity deploymentDirSecurity = deploymentDirInfo.GetAccessControl(); // Owner is important to account for disk quota deploymentDirSecurity.SetOwner(new NTAccount(prison.User.Username)); deploymentDirSecurity.SetAccessRule( new FileSystemAccessRule( prison.User.Username, FileSystemRights.AppendData | FileSystemRights.ChangePermissions | FileSystemRights.CreateDirectories | FileSystemRights.CreateFiles | FileSystemRights.Delete | FileSystemRights.DeleteSubdirectoriesAndFiles | FileSystemRights.ExecuteFile | FileSystemRights.FullControl | FileSystemRights.ListDirectory | FileSystemRights.Modify | FileSystemRights.Read | FileSystemRights.ReadAndExecute | FileSystemRights.ReadAttributes | FileSystemRights.ReadData | FileSystemRights.ReadExtendedAttributes | FileSystemRights.ReadPermissions | FileSystemRights.Synchronize | FileSystemRights.TakeOwnership | FileSystemRights.Traverse | FileSystemRights.Write | FileSystemRights.WriteAttributes | FileSystemRights.WriteData | FileSystemRights.WriteExtendedAttributes, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None | PropagationFlags.InheritOnly, AccessControlType.Allow)); // Taking ownership of a file has to be executed with0-031233332xpw0odooeoooooooooooooooooooooooooooooooooooooooooooooooooooooooooo restore privilege elevated privilages using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { deploymentDirInfo.SetAccessControl(deploymentDirSecurity); } }
private void SetDirectoryAsSystemOnly(string name) { SecurityIdentifier si = new SecurityIdentifier(SystemAccountIdentifier); IdentityReference userId = si.Translate(typeof(NTAccount)); DirectorySecurity security = Directory.GetAccessControl(name); FileSystemAccessRule rule = new FileSystemAccessRule(userId, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); security.SetAccessRule(rule); security.SetAccessRuleProtection(true, false); Directory.SetAccessControl(name, security); }
public void UpdatePermissionsUsingAccessControl(FileSecurity fileSecurity, DirectorySecurity directorySecurity) { fileSecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Allow)); fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Allow)); fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.ListDirectory, AccessControlType.Deny)); fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.ListDirectory, AccessControlType.Deny)); fileSecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.ListDirectory, AccessControlType.Allow)); fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant // ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant fileSecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); fileSecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny)); fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny)); fileSecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant fileSecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, AccessControlType.Allow)); // Noncompliant fileSecurity.SetAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule(new NTAccount("Everyone"), FileSystemRights.FullControl, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule(Everyone, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule(new NTAccount(Everyone), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); // Noncompliant fileSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.Modify, AccessControlType.Allow)); // Noncompliant directorySecurity.SetAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Allow)); directorySecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Allow)); directorySecurity.AddAccessRule(new FileSystemAccessRule("User", FileSystemRights.Write, AccessControlType.Deny)); directorySecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Deny)); directorySecurity.RemoveAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); directorySecurity.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant directorySecurity.SetAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow)); // Noncompliant }
public void CreatePrison() { if (this.Prison.Created) { this.Prison.Destroy(); } this.Lock.EnterWriteLock(); var prisonInfo = new ProcessPrisonCreateInfo(); prisonInfo.TotalPrivateMemoryLimitBytes = this.Properties.MemoryQuotaBytes; if (this.Properties.UseDiskQuota) { prisonInfo.DiskQuotaBytes = this.Properties.DiskQuotaBytes; prisonInfo.DiskQuotaPath = this.Properties.Directory; } if (this.Properties.UploadThrottleBitsps > 0) { prisonInfo.NetworkOutboundRateLimitBitsPerSecond = this.Properties.UploadThrottleBitsps; } Logger.Info("Creating Process Prisson: {0}", prisonInfo.Id); this.Prison.Create(prisonInfo); this.Properties.WindowsPassword = this.Prison.WindowsPassword; this.Properties.WindowsUserName = this.Prison.WindowsUsername; this.Properties.InstanceId = this.Prison.Id; this.Lock.ExitWriteLock(); // Explode the app into its directory and optionally bind its local runtime. Directory.CreateDirectory(this.Properties.Directory); DirectoryInfo deploymentDirInfo = new DirectoryInfo(this.Properties.Directory); DirectorySecurity deploymentDirSecurity = deploymentDirInfo.GetAccessControl(); // Owner is important to account for disk quota deploymentDirSecurity.SetOwner(new NTAccount(this.Properties.WindowsUserName)); deploymentDirSecurity.SetAccessRule( new FileSystemAccessRule( this.Properties.WindowsUserName, FileSystemRights.Write | FileSystemRights.Read | FileSystemRights.Delete | FileSystemRights.Modify | FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None | PropagationFlags.InheritOnly, AccessControlType.Allow)); using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { deploymentDirInfo.SetAccessControl(deploymentDirSecurity); } }
public void SetAclDirectory(string path, FileSystemRights rights) { if (path is null) { throw new ArgumentNullException(nameof(path)); } try { Console.WriteLine((InstallMode == InstallMode.Install ? "# set acl on directory: " : "# remove acl on directory: ") + path); if (InstallMode == InstallMode.Install) { CreatePath(path); DirectorySecurity acl = Directory.GetAccessControl(path); acl.SetAccessRule(new FileSystemAccessRule(AccountIdentity, rights, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); Directory.SetAccessControl(path, acl); } else { if (Directory.Exists(path)) { DirectorySecurity acl = Directory.GetAccessControl(path); acl.PurgeAccessRules(AccountIdentity); Directory.SetAccessControl(path, acl); } } } catch (Exception err) { if (err is DirectoryNotFoundException) { err = new DirectoryNotFoundException("Directory not found."); } err = new InstallerException((InstallMode == InstallMode.Install ? "SetAclDirectory('" + path + "') failed." : "RemoveAclDirectory('" + path + "') failed."), err); if (InstallMode == InstallMode.Install) { throw err; } else { DisplayError(err); } } }
/// <summary> /// 创建文件夹 /// </summary> /// <param name="path">必须是物理路径</param> public static void CreateFile(this string path) { if (!Directory.Exists(path))//如果不存在文件夹,则创建 { try { Directory.CreateDirectory(path); DirectorySecurity security = new DirectorySecurity(path, AccessControlSections.Owner); SecurityIdentifier identifier = new SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, null); security.SetAccessRule(new FileSystemAccessRule(identifier, FileSystemRights.FullControl, AccessControlType.Allow)); } catch (FileNotFoundException e) { throw e; } } }
public static void SetFolderPermissions(string ACLUser, DirectoryInfo Target) { //RemoveInheritablePermissons(Target); DirectorySecurity dirSec = new DirectorySecurity(Target.FullName, AccessControlSections.All); FileSystemAccessRule fsRuleCurrentFolder = new FileSystemAccessRule(ACLUser, FileSystemRights.Read | FileSystemRights.Write | FileSystemRights.ChangePermissions | FileSystemRights.Delete, AccessControlType.Allow); dirSec.SetAccessRule(fsRuleCurrentFolder); FileSystemAccessRule fsRuleSubFoldersAndFiles = new FileSystemAccessRule(ACLUser, FileSystemRights.Read | FileSystemRights.Write | FileSystemRights.ChangePermissions | FileSystemRights.Delete, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); dirSec.AddAccessRule(fsRuleSubFoldersAndFiles); Target.SetAccessControl(dirSec); }
private void CloseTheFiles(string path) { string[] files = Directory.GetFiles(path); foreach (string filePath in files) { DirectorySecurity securityDirrectory = Directory.GetAccessControl(filePath); securityDirrectory.SetAccessRule( new FileSystemAccessRule( Environment.UserName, FileSystemRights.FullControl, AccessControlType.Deny) ); Directory.SetAccessControl(filePath, securityDirrectory); } }
/// <summary> /// Setzt volle Zugriffsrechte für einen bestimmten Ordner für den angemeldeten Benutzer. /// </summary> /// <param name="path">Der Ordner für welchen die Zugriffsrechte geändert werden sollen.</param> /// <returns>Gibt 'True' zurück wenn die Zugriffsrechte erfolgreich gesetzt wurden, andernfalls 'False'</returns> protected bool SetDirectoryAccessControl(string path) { try { var ds = new DirectorySecurity(); var fs_rule = new FileSystemAccessRule(WindowsIdentity.GetCurrent().Name, FileSystemRights.FullControl, AccessControlType.Allow); ds.SetAccessRule(fs_rule); Directory.SetAccessControl(path, ds); return(true); } catch { return(false); } }
private void AllowReadOfBaseMSSQLInstance(string path, Prison prison) { DirectoryInfo dirInfo = new DirectoryInfo(path); DirectorySecurity dirSecurity = dirInfo.GetAccessControl(); dirSecurity.SetAccessRule( new FileSystemAccessRule( prison.User.Username, FileSystemRights.Read | FileSystemRights.ListDirectory | FileSystemRights.ReadAttributes | FileSystemRights.ReadData | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { dirInfo.SetAccessControl(dirSecurity); } }
public static void SetDirDacl(string folder, string account) { try { DaclUtil.CleanDirSecurity(folder); } catch { } DirectoryInfo directoryInfo = new DirectoryInfo(folder); DirectorySecurity accessControl = directoryInfo.GetAccessControl(); FileSystemAccessRule rule = new FileSystemAccessRule(account, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow); accessControl.SetAccessRule(rule); DirectorySecurity directorySecurity = accessControl; directoryInfo.SetAccessControl(directorySecurity); }
/// <summary> /// Grant ALL_APPLICATION_PACKAGES permissions to a directory at <paramref name="folderPath"/>. /// </summary> /// <param name="folderPath">The directory to be granted ALL_APPLICATION_PACKAGES permissions.</param> private static void GrantAllAppPackagesAccessToFolder(string folderPath) { try { var dirInfo = new DirectoryInfo(folderPath); DirectorySecurity acl = dirInfo.GetAccessControl(AccessControlSections.Access); var rule = new FileSystemAccessRule(AllAppPackagesSid, FileSystemRights.ReadAndExecute, AccessControlType.Allow); acl.SetAccessRule(rule); dirInfo.SetAccessControl(acl); } catch { } }
static public void GetOwnershipForDirectory(string path, IdentityReference owner) { DirectoryInfo dirInfo = new DirectoryInfo(path); DirectorySecurity dirSecurity = dirInfo.GetAccessControl(); dirSecurity.SetOwner(owner); dirSecurity.SetAccessRule( new FileSystemAccessRule( owner, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), ProcessPrivileges.Privilege.Restore)) { dirInfo.SetAccessControl(dirSecurity); } }
// 引数で受け取ったパスのフォルダを作成 // 作成したディレクトリパスを返す public static string makeFolder(string dir_path, string file_name) { // 末尾に \ がなければ追加 dir_path += dir_path[dir_path.Length - 1].Equals('\\') ? "" : @"\"; // 拡張子を削除したファイルパスを取得 // http://jeanne.wankuma.com/tips/csharp/path/getfilenamewithoutextension.html file_name = System.IO.Path.GetFileNameWithoutExtension(file_name) + "_pzpr"; // http://ja.stackoverflow.com/questions/4312/連番のファイル名を生成するには // 連番ファイル名の生成 System.IO.DirectoryInfo dir_info = new DirectoryInfo(dir_path); var max = dir_info.GetDirectories(file_name + "???") // パターンに一致するファイルを取得する .Select(fi => Regex.Match(fi.Name, @"(?i)(\d{3})$")) // ファイルの中で数値のものを探す .Where(m => m.Success) // 該当するファイルだけに絞り込む .Select(m => Int32.Parse(m.Groups[1].Value)) // 数値を取得する .DefaultIfEmpty(0) // 1つも該当しなかった場合は 0 とする .Max(); // 最大値を取得する string create_file = dir_path + String.Format("{0}{1:d3}", file_name, max + 1) + @"\"; // http://jeanne.wankuma.com/tips/csharp/directory/create.html // フォルダを作成 System.IO.Directory.CreateDirectory(create_file); // CSV用 MyCSVManagement.working_directory = create_file; Console.WriteLine("create_file >> " + create_file); // http://www.ipentec.com/document/document.aspx?page=csharp-directory-add-permission // 作成したディレクトリにアクセス許可を付与 FileSystemAccessRule rule = new FileSystemAccessRule( new NTAccount("everyone"), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); DirectorySecurity security = Directory.GetAccessControl(create_file); security.SetAccessRule(rule); Directory.SetAccessControl(create_file, security); return(create_file); }
public static bool GrantModifyAccessToFolder(string windowsAccountUserName, string folderName) { DirectoryInfo directory = null; DirectorySecurity directorySecurity = null; FileSystemAccessRule rule = null; try { if (windowsAccountUserName.Length < 1) { return(false); } if (folderName.Length < 1) { return(false); } if (!Directory.Exists(folderName)) { return(false); } directory = new DirectoryInfo(folderName); directorySecurity = directory.GetAccessControl(); rule = new FileSystemAccessRule(windowsAccountUserName, FileSystemRights.Modify, InheritanceFlags.None | InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow); directorySecurity.SetAccessRule(rule); directory.SetAccessControl(directorySecurity); return(true); } catch (Exception) { throw; } }
public bool CreateFolder(string folder) { try { DirectorySecurity security = new DirectorySecurity(); security.SetAccessRule(new FileSystemAccessRule( new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow)); Directory.CreateDirectory(folder, security); return(true); } catch (Exception e) { // TODO logging MessageBox.Show(e.Message); } return(false); }
public static string MakeDirectoryInSpecialPlaceWithPermission(this string DirectoryName, Environment.SpecialFolder specialfolder) { DirectorySecurity ds = new DirectorySecurity(); var path = Environment.GetFolderPath(specialfolder); var mainpath = Path.Combine(path, DirectoryName); var rights = FileSystemRights.FullControl; var user = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null); FileSystemAccessRule rule = new FileSystemAccessRule(user, rights, AccessControlType.Allow); ds.SetAccessRule(rule); if (!Directory.Exists(mainpath)) { DirectoryInfo d = new DirectoryInfo(mainpath); d.Create(ds); // Directory.CreateDirectory(mainpath, ds); } return(mainpath); }
/// <summary> /// Create a new ACL /// </summary> /// <param name="securityClass"></param> /// <returns></returns> public static DirectorySecurity CreateDirSecurity(SecurityClass securityClass) { var security = new DirectorySecurity(); var windowsIdentity = WindowsIdentity.GetCurrent(); var identity = windowsIdentity?.User; FileSystemAccessRule accessRule; if (identity != null) { security.SetOwner(identity); accessRule = new FileSystemAccessRule(identity, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); security.SetAccessRule(accessRule); } if (securityClass != SecurityClass.Everybody) { return(security); } var everybodyIdentity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); accessRule = new FileSystemAccessRule(everybodyIdentity, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); security.AddAccessRule(accessRule); return(security); }
public static void SetFullControl(DirectoryInfo di, WindowsIdentity wi = null) { FileIOPermission f2 = new FileIOPermission(FileIOPermissionAccess.AllAccess, di.FullName); f2.Demand(); String trusteeName = wi != null ? wi.Name : WindowsIdentity.GetCurrent().Name; DirectorySecurity ds = new DirectorySecurity(); FileSystemAccessRule fsar = new FileSystemAccessRule ( trusteeName, FileSystemRights.FullControl | FileSystemRights.TakeOwnership, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow ); ds.SetAccessRule(fsar); di.SetAccessControl(ds); }
protected override void SetWritePermissions(string path, bool writable) { // Remove Write permissions, we're owner and have Delete permissions, so we can still clean it up. var owner = WindowsIdentity.GetCurrent().Owner; var accessControlType = writable ? AccessControlType.Allow : AccessControlType.Deny; if (Directory.Exists(path)) { var directoryInfo = new DirectoryInfo(path); var directorySecurity = new DirectorySecurity(path, AccessControlSections.None); directorySecurity.SetAccessRule(new FileSystemAccessRule(owner, FileSystemRights.Write, accessControlType)); directoryInfo.SetAccessControl(directorySecurity); } else { var fileInfo = new FileInfo(path); var fileSecurity = new FileSecurity(path, AccessControlSections.None); fileSecurity.SetAccessRule(new FileSystemAccessRule(owner, FileSystemRights.Write, accessControlType)); fileInfo.SetAccessControl(fileSecurity); } }