SetSecurityInfo() static private method

static private SetSecurityInfo ( Microsoft.Win32.ResourceType type, string name, SafeHandle handle, SecurityInfos securityInformation, System.Security.Principal.SecurityIdentifier owner, System.Security.Principal.SecurityIdentifier group, GenericAcl sacl, GenericAcl dacl ) : int
type Microsoft.Win32.ResourceType
name string
handle System.Runtime.InteropServices.SafeHandle
securityInformation SecurityInfos
owner System.Security.Principal.SecurityIdentifier
group System.Security.Principal.SecurityIdentifier
sacl GenericAcl
dacl GenericAcl
return int
コード例 #1
0
 private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext)
 {
     this.WriteLock();
     try
     {
         SecurityInfos      securityInformation = (SecurityInfos)0;
         SecurityIdentifier owner            = (SecurityIdentifier)null;
         SecurityIdentifier group            = (SecurityIdentifier)null;
         SystemAcl          systemAcl        = (SystemAcl)null;
         DiscretionaryAcl   discretionaryAcl = (DiscretionaryAcl)null;
         if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None && this._securityDescriptor.Owner != (SecurityIdentifier)null)
         {
             securityInformation |= SecurityInfos.Owner;
             owner = this._securityDescriptor.Owner;
         }
         if ((includeSections & AccessControlSections.Group) != AccessControlSections.None && this._securityDescriptor.Group != (SecurityIdentifier)null)
         {
             securityInformation |= SecurityInfos.Group;
             group = this._securityDescriptor.Group;
         }
         if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None)
         {
             SecurityInfos securityInfos = securityInformation | SecurityInfos.SystemAcl;
             systemAcl           = !this._securityDescriptor.IsSystemAclPresent || this._securityDescriptor.SystemAcl == null || this._securityDescriptor.SystemAcl.Count <= 0 ? (SystemAcl)null : this._securityDescriptor.SystemAcl;
             securityInformation = (this._securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == ControlFlags.None ? securityInfos | (SecurityInfos)this.UnprotectedSystemAcl : securityInfos | (SecurityInfos)this.ProtectedSystemAcl;
         }
         if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && this._securityDescriptor.IsDiscretionaryAclPresent)
         {
             SecurityInfos securityInfos = securityInformation | SecurityInfos.DiscretionaryAcl;
             discretionaryAcl    = !this._securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl ? this._securityDescriptor.DiscretionaryAcl : (DiscretionaryAcl)null;
             securityInformation = (this._securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) == ControlFlags.None ? securityInfos | (SecurityInfos)this.UnprotectedDiscretionaryAcl : securityInfos | (SecurityInfos)this.ProtectedDiscretionaryAcl;
         }
         if (securityInformation == (SecurityInfos)0)
         {
             return;
         }
         int errorCode = Win32.SetSecurityInfo(this._resourceType, name, handle, securityInformation, owner, group, (GenericAcl)systemAcl, (GenericAcl)discretionaryAcl);
         if (errorCode != 0)
         {
             Exception exception = (Exception)null;
             if (this._exceptionFromErrorCode != null)
             {
                 exception = this._exceptionFromErrorCode(errorCode, name, handle, exceptionContext);
             }
             if (exception == null)
             {
                 if (errorCode == 5)
                 {
                     exception = (Exception) new UnauthorizedAccessException();
                 }
                 else if (errorCode == 1307)
                 {
                     exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidOwner"));
                 }
                 else if (errorCode == 1308)
                 {
                     exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidGroup"));
                 }
                 else if (errorCode == 123)
                 {
                     exception = (Exception) new ArgumentException(Environment.GetResourceString("Argument_InvalidName"), "name");
                 }
                 else if (errorCode == 6)
                 {
                     exception = (Exception) new NotSupportedException(Environment.GetResourceString("AccessControl_InvalidHandle"));
                 }
                 else if (errorCode == 2)
                 {
                     exception = (Exception) new FileNotFoundException();
                 }
                 else if (errorCode == 1350)
                 {
                     exception = (Exception) new NotSupportedException(Environment.GetResourceString("AccessControl_NoAssociatedSecurity"));
                 }
                 else
                 {
                     exception = (Exception) new InvalidOperationException(Environment.GetResourceString("AccessControl_UnexpectedError", (object)errorCode));
                 }
             }
             throw exception;
         }
         this.OwnerModified       = false;
         this.GroupModified       = false;
         this.AccessRulesModified = false;
         this.AuditRulesModified  = false;
     }
     finally
     {
         this.WriteUnlock();
     }
 }
コード例 #2
0
        //
        // Attempts to persist the security descriptor onto the object
        //

        private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext)
        {
            WriteLock();

            try
            {
                int           error;
                SecurityInfos securityInfo = 0;

                SecurityIdentifier owner = null, group = null;
                SystemAcl          sacl = null;
                DiscretionaryAcl   dacl = null;

                if ((includeSections & AccessControlSections.Owner) != 0 && _securityDescriptor.Owner != null)
                {
                    securityInfo |= SecurityInfos.Owner;
                    owner         = _securityDescriptor.Owner;
                }

                if ((includeSections & AccessControlSections.Group) != 0 && _securityDescriptor.Group != null)
                {
                    securityInfo |= SecurityInfos.Group;
                    group         = _securityDescriptor.Group;
                }

                if ((includeSections & AccessControlSections.Audit) != 0)
                {
                    securityInfo |= SecurityInfos.SystemAcl;
                    if (_securityDescriptor.IsSystemAclPresent &&
                        _securityDescriptor.SystemAcl != null &&
                        _securityDescriptor.SystemAcl.Count > 0)
                    {
                        sacl = _securityDescriptor.SystemAcl;
                    }
                    else
                    {
                        sacl = null;
                    }

                    if ((_securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != 0)
                    {
                        securityInfo = (SecurityInfos)((uint)securityInfo | ProtectedSystemAcl);
                    }
                    else
                    {
                        securityInfo = (SecurityInfos)((uint)securityInfo | UnprotectedSystemAcl);
                    }
                }

                if ((includeSections & AccessControlSections.Access) != 0 && _securityDescriptor.IsDiscretionaryAclPresent)
                {
                    securityInfo |= SecurityInfos.DiscretionaryAcl;

                    // if the DACL is in fact a crafted replaced for NULL replacement, then we will persist it as NULL
                    if (_securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl)
                    {
                        dacl = null;
                    }
                    else
                    {
                        dacl = _securityDescriptor.DiscretionaryAcl;
                    }

                    if ((_securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) != 0)
                    {
                        securityInfo = unchecked ((SecurityInfos)((uint)securityInfo | ProtectedDiscretionaryAcl));
                    }
                    else
                    {
                        securityInfo = (SecurityInfos)((uint)securityInfo | UnprotectedDiscretionaryAcl);
                    }
                }

                if (securityInfo == 0)
                {
                    //
                    // Nothing to persist
                    //

                    return;
                }

                error = Win32.SetSecurityInfo(_resourceType, name, handle, securityInfo, owner, group, sacl, dacl);

                if (error != Interop.Errors.ERROR_SUCCESS)
                {
                    System.Exception exception = null;

                    if (_exceptionFromErrorCode != null)
                    {
                        exception = _exceptionFromErrorCode(error, name, handle, exceptionContext);
                    }

                    if (exception == null)
                    {
                        if (error == Interop.Errors.ERROR_ACCESS_DENIED)
                        {
                            exception = new UnauthorizedAccessException();
                        }
                        else if (error == Interop.Errors.ERROR_INVALID_OWNER)
                        {
                            exception = new InvalidOperationException(SR.AccessControl_InvalidOwner);
                        }
                        else if (error == Interop.Errors.ERROR_INVALID_PRIMARY_GROUP)
                        {
                            exception = new InvalidOperationException(SR.AccessControl_InvalidGroup);
                        }
                        else if (error == Interop.Errors.ERROR_INVALID_NAME)
                        {
                            exception = new ArgumentException(SR.Argument_InvalidName, nameof(name));
                        }
                        else if (error == Interop.Errors.ERROR_INVALID_HANDLE)
                        {
                            exception = new NotSupportedException(SR.AccessControl_InvalidHandle);
                        }
                        else if (error == Interop.Errors.ERROR_FILE_NOT_FOUND)
                        {
                            exception = new FileNotFoundException();
                        }
                        else if (error == Interop.Errors.ERROR_NO_SECURITY_ON_OBJECT)
                        {
                            exception = new NotSupportedException(SR.AccessControl_NoAssociatedSecurity);
                        }
                        else
                        {
                            Debug.Fail($"Unexpected error code {error}");
                            exception = new InvalidOperationException(SR.Format(SR.AccessControl_UnexpectedError, error));
                        }
                    }

                    throw exception;
                }

                //
                // Everything goes well, let us clean the modified flags.
                // We are in proper write lock, so just go ahead
                //

                this.OwnerModified       = false;
                this.GroupModified       = false;
                this.AccessRulesModified = false;
                this.AuditRulesModified  = false;
            }
            finally
            {
                WriteUnlock();
            }
        }
コード例 #3
0
 private void Persist(string name, SafeHandle handle, AccessControlSections includeSections, object exceptionContext)
 {
     base.WriteLock();
     try
     {
         SecurityInfos      securityInfos = (SecurityInfos)0;
         SecurityIdentifier owner         = null;
         SecurityIdentifier group         = null;
         SystemAcl          sacl          = null;
         DiscretionaryAcl   dacl          = null;
         if ((includeSections & AccessControlSections.Owner) != AccessControlSections.None && this._securityDescriptor.Owner != null)
         {
             securityInfos |= SecurityInfos.Owner;
             owner          = this._securityDescriptor.Owner;
         }
         if ((includeSections & AccessControlSections.Group) != AccessControlSections.None && this._securityDescriptor.Group != null)
         {
             securityInfos |= SecurityInfos.Group;
             group          = this._securityDescriptor.Group;
         }
         if ((includeSections & AccessControlSections.Audit) != AccessControlSections.None)
         {
             securityInfos |= SecurityInfos.SystemAcl;
             if (this._securityDescriptor.IsSystemAclPresent && this._securityDescriptor.SystemAcl != null && this._securityDescriptor.SystemAcl.Count > 0)
             {
                 sacl = this._securityDescriptor.SystemAcl;
             }
             else
             {
                 sacl = null;
             }
             if ((this._securityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != ControlFlags.None)
             {
                 securityInfos |= (SecurityInfos)this.ProtectedSystemAcl;
             }
             else
             {
                 securityInfos |= (SecurityInfos)this.UnprotectedSystemAcl;
             }
         }
         if ((includeSections & AccessControlSections.Access) != AccessControlSections.None && this._securityDescriptor.IsDiscretionaryAclPresent)
         {
             securityInfos |= SecurityInfos.DiscretionaryAcl;
             if (this._securityDescriptor.DiscretionaryAcl.EveryOneFullAccessForNullDacl)
             {
                 dacl = null;
             }
             else
             {
                 dacl = this._securityDescriptor.DiscretionaryAcl;
             }
             if ((this._securityDescriptor.ControlFlags & ControlFlags.DiscretionaryAclProtected) != ControlFlags.None)
             {
                 securityInfos |= (SecurityInfos)this.ProtectedDiscretionaryAcl;
             }
             else
             {
                 securityInfos |= (SecurityInfos)this.UnprotectedDiscretionaryAcl;
             }
         }
         if (securityInfos != (SecurityInfos)0)
         {
             int num = Win32.SetSecurityInfo(this._resourceType, name, handle, securityInfos, owner, group, sacl, dacl);
             if (num != 0)
             {
                 Exception ex = null;
                 if (this._exceptionFromErrorCode != null)
                 {
                     ex = this._exceptionFromErrorCode(num, name, handle, exceptionContext);
                 }
                 if (ex == null)
                 {
                     if (num == 5)
                     {
                         ex = new UnauthorizedAccessException();
                     }
                     else if (num == 1307)
                     {
                         ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidOwner"));
                     }
                     else if (num == 1308)
                     {
                         ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_InvalidGroup"));
                     }
                     else if (num == 123)
                     {
                         ex = new ArgumentException(Environment.GetResourceString("Argument_InvalidName"), "name");
                     }
                     else if (num == 6)
                     {
                         ex = new NotSupportedException(Environment.GetResourceString("AccessControl_InvalidHandle"));
                     }
                     else if (num == 2)
                     {
                         ex = new FileNotFoundException();
                     }
                     else if (num == 1350)
                     {
                         ex = new NotSupportedException(Environment.GetResourceString("AccessControl_NoAssociatedSecurity"));
                     }
                     else
                     {
                         ex = new InvalidOperationException(Environment.GetResourceString("AccessControl_UnexpectedError", new object[]
                         {
                             num
                         }));
                     }
                 }
                 throw ex;
             }
             base.OwnerModified       = false;
             base.GroupModified       = false;
             base.AccessRulesModified = false;
             base.AuditRulesModified  = false;
         }
     }
     finally
     {
         base.WriteUnlock();
     }
 }