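/// <summary>
/// Rewrites the security descriptor of <paramref name="file"/>, substituting every SID pair held in
/// <c>ReplaceList</c> (Item1 is the SID searched for, Item2 the SID written in its place).
/// </summary>
/// <remarks>
/// The substitution is textual and runs on the SDDL string of the whole descriptor
/// (<see cref="AccessControlSections.All"/>).
/// Only complete SIDs are replaced: a match that is immediately followed by a digit or '-' is the
/// prefix of a longer SID (for example a RID with more digits) and is left untouched, so an ACE that
/// belongs to an unrelated principal is never rewritten or mangled.
/// Pairs are applied in list order on the running string, so a SID written by an earlier pair can be
/// matched again by a later pair.
/// NOTE(review): SDDL may abbreviate well-known SIDs to two-letter aliases; such entries are not
/// found by a textual SID search. Confirm whether they are in scope for this tool.
/// NOTE(review): AccessControlSections.All includes the audit section, which normally needs
/// SeSecurityPrivilege to read or write; unprivileged runs will presumably end in the error branch.
/// Failures are reported through <c>ActionObserver.NotifyError</c> and are not rethrown.
/// </remarks>
/// <param name="file">Path of an existing file whose descriptor is rewritten.</param>
public void ReplaceFile(string file)
{
    Debug.Assert(File.Exists(file));
    ActionObserver.NotifyAction("Search/Replace SID", "File", file, string.Empty);
    try
    {
        FileSecurity security = File.GetAccessControl(file, AccessControlSections.All);
        string originalSddl = security.GetSecurityDescriptorSddlForm(AccessControlSections.All);
        string sddl = originalSddl;

        foreach (Tuple<SecurityIdentifier, SecurityIdentifier> item in ReplaceList)
        {
            string searchItem = item.Item1.ToString();
            string replaceItem = item.Item2.ToString();

            // Boundary-aware replace: a plain string.Replace would also hit longer SIDs
            // that merely start with searchItem.
            string newSddl = ReplaceWholeSid(sddl, searchItem, replaceItem);
            if (newSddl != sddl)
            {
                ActionObserver.NotifyInformation(
                    "File '{0}' replaced '{1}' with '{2}'",
                    file,
                    searchItem,
                    replaceItem
                    );
            }
            sddl = newSddl;
        }

        // Write the descriptor back only when something changed; rewriting an identical
        // descriptor needs the same privileges as a real change and gains nothing.
        if (sddl != originalSddl)
        {
            security.SetSecurityDescriptorSddlForm(sddl, AccessControlSections.All);
            File.SetAccessControl(file, security);
        }
    }
    catch (Exception error)
    {
        ActionObserver.NotifyError("Unable to search SIDs on file '{0}' due to error '{1}'", file, error.Message);
    }
}

// Replaces each occurrence of the SID string 'search' in 'sddl' with 'replacement', skipping
// occurrences that continue with a digit or '-' (those belong to a longer, different SID).
private static string ReplaceWholeSid(string sddl, string search, string replacement)
{
    if (string.IsNullOrEmpty(sddl) || string.IsNullOrEmpty(search))
    {
        return sddl;
    }

    string result = string.Empty;
    int copiedUpTo = 0;
    int scanFrom = 0;
    bool replaced = false;

    while (scanFrom < sddl.Length)
    {
        int hit = sddl.IndexOf(search, scanFrom, StringComparison.Ordinal);
        if (hit < 0)
        {
            break;
        }

        int end = hit + search.Length;
        bool continuesAsLongerSid =
            end < sddl.Length && (sddl[end] == '-' || (sddl[end] >= '0' && sddl[end] <= '9'));
        if (continuesAsLongerSid)
        {
            scanFrom = hit + 1;
            continue;
        }

        result += sddl.Substring(copiedUpTo, hit - copiedUpTo) + replacement;
        copiedUpTo = end;
        scanFrom = end;
        replaced = true;
    }

    return replaced ? result + sddl.Substring(copiedUpTo) : sddl;
}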
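// From http://stackoverflow.com/questions/3118439/how-to-copy-ntfs-permissions
//private static void CopySecurityInformation(String source, String dest)
//{
//    FileSecurity fileSecurity = File.GetAccessControl(source, AccessControlSections.All);
//    fileSecurity.SetAccessRuleProtection(true, true); // from http://www.codekeep.net/snippets/1dc00f8c-b338-4760-aecb-024fe5009ed6.aspx
//    File.SetAccessControl(dest, fileSecurity);
//    FileAttributes fileAttributes = File.GetAttributes(source);
//    File.SetAttributes(dest, fileAttributes);
//}

// From http://msdn.microsoft.com/en-us/library/system.io.file.setaccesscontrol.aspx
/// <summary>
/// Copies the security descriptor and the file attributes of <paramref name="source"/> onto
/// <paramref name="dest"/>.
/// </summary>
/// <remarks>
/// The descriptor is read with <see cref="AccessControlSections.All"/>, serialised to SDDL and
/// loaded into a fresh <see cref="FileSecurity"/>, which is then applied to the destination.
/// NOTE(review): All covers owner, group, DACL and SACL; copying the audit section and an arbitrary
/// owner normally requires elevated privileges, so expect an exception for unprivileged callers.
/// Nothing is caught here: any failure propagates to the caller, possibly after the ACL was already
/// written but before the attributes were copied.
/// </remarks>
/// <param name="source">File whose permissions and attributes are read.</param>
/// <param name="dest">File that receives them.</param>
private static void CopySecurityInformation(String source, String dest)
{
    FileSecurity sourceFileSecurity = File.GetAccessControl(source, AccessControlSections.All);
    string sourceDescriptor = sourceFileSecurity.GetSecurityDescriptorSddlForm(AccessControlSections.All);

    FileSecurity destFileSecurity = new FileSecurity();
    destFileSecurity.SetSecurityDescriptorSddlForm(sourceDescriptor);

    // Apply the rebuilt descriptor. The earlier code passed sourceFileSecurity here, leaving
    // destFileSecurity unused; an object freshly read from disk has no pending changes, so the
    // destination ACL was presumably left as it was.
    File.SetAccessControl(dest, destFileSecurity);

    FileAttributes fileAttributes = File.GetAttributes(source);
    File.SetAttributes(dest, fileAttributes);
}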
/// <summary>
/// Converts the security descriptor at <paramref name="pSecurityDescriptor"/> to self-relative form
/// and stores its SDDL text (all sections) in <c>_sddl</c>.
/// </summary>
/// <remarks>
/// <paramref name="pThis"/> and <paramref name="SecurityInformation"/> are not read: whatever the
/// descriptor contains is serialised, regardless of which parts the caller said it was setting.
/// Every failure, including the Win32Exception raised below, is collapsed into <c>E_FAIL</c>; the
/// underlying error code is not surfaced to the caller or logged here.
/// </remarks>
/// <param name="pThis">Unused.</param>
/// <param name="SecurityInformation">Unused.</param>
/// <param name="pSecurityDescriptor">Pointer to the descriptor to convert.</param>
/// <returns><c>S_OK</c> when <c>_sddl</c> was updated, otherwise <c>E_FAIL</c>.</returns>
private uint SetSecurity(IntPtr pThis, uint SecurityInformation, IntPtr pSecurityDescriptor)
{
    IntPtr selfRelative = IntPtr.Zero;
    uint requiredBytes = 0;

    try
    {
        // Sizing pass: with no buffer the call is expected to fail with
        // ERROR_INSUFFICIENT_BUFFER and report the needed size in requiredBytes.
        bool sizingSucceeded = MakeSelfRelativeSD(pSecurityDescriptor, selfRelative, ref requiredBytes);
        if (!sizingSucceeded)
        {
            int sizingError = Marshal.GetLastWin32Error();
            if (sizingError != ERROR_INSUFFICIENT_BUFFER)
            {
                throw new System.ComponentModel.Win32Exception(sizingError, "MakeSelfRelativeSD failed. Error = " + sizingError);
            }
        }

        // Conversion pass into an unmanaged buffer of the reported size.
        selfRelative = Marshal.AllocHGlobal((int)requiredBytes);
        bool converted = MakeSelfRelativeSD(pSecurityDescriptor, selfRelative, ref requiredBytes);
        if (!converted)
        {
            int conversionError = Marshal.GetLastWin32Error();
            throw new System.ComponentModel.Win32Exception(conversionError, "MakeSelfRelativeSD failed. Error = " + conversionError);
        }

        // Copy to managed memory and let FileSecurity produce the SDDL text.
        byte[] descriptorBytes = new byte[requiredBytes];
        Marshal.Copy(selfRelative, descriptorBytes, 0, (int)requiredBytes);

        FileSecurity parsed = new FileSecurity();
        parsed.SetSecurityDescriptorBinaryForm(descriptorBytes);
        _sddl = parsed.GetSecurityDescriptorSddlForm(AccessControlSections.All);

        return S_OK;
    }
    catch
    {
        return E_FAIL;
    }
    finally
    {
        // Release the unmanaged buffer on every path once it has been allocated.
        if (selfRelative != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(selfRelative);
        }
    }
}
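/// <summary>
/// Reads the security descriptor of <paramref name="file_name"/> and shows it in the two text
/// boxes: a readable report (owner, primary group, access rules, audit rules) in
/// <c>textBoxAcl</c> and the raw SDDL string in <c>textBoxSddl</c>.
/// </summary>
/// <remarks>
/// Errors while reading individual parts are written into the report instead of aborting it.
/// If the descriptor itself cannot be read, only "Cannot get security descriptor" plus the
/// exception message is shown.
/// NOTE(review): the single-argument File.GetAccessControl overload does not appear to request the
/// audit section, so the audit list and the SACL part of the SDDL are presumably always empty here.
/// Requesting it normally requires SeSecurityPrivilege - confirm which behaviour is wanted.
/// </remarks>
/// <param name="file_name">Path of the file to inspect.</param>
private void internal_fill(string file_name)
{
    textBoxAcl.Clear();
    textBoxSddl.Clear();

    AuthorizationRuleCollection dacls = null;
    AuthorizationRuleCollection sacls = null;
    FileSecurity f_sec = null;

    try
    {
        f_sec = File.GetAccessControl(file_name);

        // The report is built here from the start so that rule-retrieval errors stay visible.
        // Previously they were appended to textBoxAcl and then overwritten when the report was
        // assigned to textBoxAcl.Text, leaving an empty rule list that looked like "no rules".
        StringBuilder sb = new StringBuilder();

        try
        {
            dacls = f_sec.GetAccessRules(true, true, typeof(NTAccount));
        }
        catch (Exception ex)
        {
            sb.Append(ex.Message);
            sb.Append("\r\n");
        }

        try
        {
            sacls = f_sec.GetAuditRules(true, true, typeof(NTAccount));
        }
        catch (Exception ex)
        {
            sb.Append(ex.Message);
            sb.Append("\r\n");
        }

        sb.Append("Owner\r\n");
        sb.Append("=====\r\n");
        try
        {
            sb.Append(f_sec.GetOwner(typeof(NTAccount)).Value);
        }
        catch (Exception ex)
        {
            sb.Append(ex.Message);
        }
        sb.Append("\r\n\r\n");

        sb.Append("Primary group\r\n");
        sb.Append("=============\r\n");
        try
        {
            sb.Append(f_sec.GetGroup(typeof(NTAccount)).Value);
        }
        catch (Exception ex)
        {
            sb.Append(ex.Message);
        }
        sb.Append("\r\n\r\n");

        sb.Append("Access rules\r\n");
        sb.Append("============\r\n");
        sb.AppendFormat("Inherit disable: {0}\r\n\r\n", f_sec.AreAccessRulesProtected);
        if (dacls != null)
        {
            foreach (FileSystemAccessRule rule in dacls)
            {
                sb.AppendFormat("Identity: {0}\r\n", rule.IdentityReference.Value);
                sb.AppendFormat("Access type: {0}\r\n", rule.AccessControlType.ToString());
                sb.AppendFormat("Rights: {0}\r\n", rule.FileSystemRights.ToString());
                sb.AppendFormat("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString());
                sb.AppendFormat("Inherited: {0}\r\n", rule.IsInherited);
                sb.AppendFormat("Propagation: {0}\r\n", rule.PropagationFlags.ToString());
                sb.Append("\r\n");
            }
        }

        sb.Append("Audit rules\r\n");
        sb.Append("===========\r\n");
        sb.AppendFormat("Inherit disable: {0}\r\n\r\n", f_sec.AreAuditRulesProtected);
        if (sacls != null)
        {
            foreach (FileSystemAuditRule rule in sacls)
            {
                sb.AppendFormat("Identity: {0}\r\n", rule.IdentityReference.Value);
                sb.AppendFormat("Audit type: {0}\r\n", rule.AuditFlags.ToString());
                sb.AppendFormat("Rights: {0}\r\n", rule.FileSystemRights.ToString());
                sb.AppendFormat("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString());
                sb.AppendFormat("Inherited: {0}\r\n", rule.IsInherited);
                sb.AppendFormat("Propagation: {0}\r\n", rule.PropagationFlags.ToString());
                sb.Append("\r\n");
            }
        }

        textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size);
        textBoxSddl.Font = textBoxAcl.Font;
        textBoxAcl.Text = sb.ToString();
        textBoxSddl.Text = f_sec.GetSecurityDescriptorSddlForm(AccessControlSections.All);
    }
    catch (Exception ex)
    {
        textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size);
        textBoxSddl.Font = textBoxAcl.Font;
        textBoxAcl.Text = string.Format("Cannot get security descriptor. {0}", ex.Message);
    }
}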