public static bool checkIfInheritanceIsSet = false; //false= 5s:5s; true=9s:2s public static bool RemoveInheritance(string filePath, bool copyPermisions) { //return true; DirectoryInfo x = new DirectoryInfo(filePath); DirectorySecurity s = x.GetAccessControl(AccessControlSections.Owner | AccessControlSections.Group | AccessControlSections.Access); if (!checkIfInheritanceIsSet) { s.SetAccessRuleProtection(true, copyPermisions); x.SetAccessControl(s); return(true); } //only if checkIfInheritanceIsSet=true; SLOWER if (s.GetAccessRules(false, true, typeof(NTAccount)).Count > 0) { s.SetAccessRuleProtection(true, copyPermisions); x.SetAccessControl(s); return(true); } return(false); }
private static void SaveDirectoryMove(string MirrorFile, string BkdiffName, bool LogFileList, bool CopyAccessControlLists) { MirrorFile = FixLongPath(MirrorFile); BkdiffName = FixLongPath(BkdiffName); try { DirectorySecurity ac1 = null; if (CopyAccessControlLists) { ac1 = Directory.GetAccessControl(MirrorFile); } if (LogFileList) { Logmsg("Moving directory: '{0}' -> '{1}'", MirrorFile, BkdiffName); } Directory.Move(MirrorFile, BkdiffName); //FileInfo BackdiffFile = new FileInfo(BkdiffName); // test copy if (!Directory.Exists(BkdiffName)) { throw new BackupException("Directory move Failed", new DirectoryInfo(BkdiffName)); } // try to set security if (CopyAccessControlLists) { ac1.SetAccessRuleProtection(true, true); Directory.SetAccessControl(BkdiffName, ac1); } } catch (Exception e) { Error(e); _stats.Errors++; } }
public static void ProtectFileFolder(bool File = false) { try { string FolderPath = Core.GetPInstallPathNoFilename(); string UserAccount = "EVERYONE"; System.IO.DirectoryInfo FolderInfo = new System.IO.DirectoryInfo(FolderPath); DirectorySecurity FolderAcl = new DirectorySecurity(); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.ReadAttributes, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.CreateDirectories, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.WriteAttributes, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.WriteExtendedAttributes, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.Delete, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.DeleteSubdirectoriesAndFiles, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.ChangePermissions, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); FolderAcl.AddAccessRule(new FileSystemAccessRule(UserAccount, FileSystemRights.TakeOwnership, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Deny)); if (!File) { FolderAcl.SetAccessRuleProtection(false, true); } FolderInfo.SetAccessControl(FolderAcl); } catch { } }
/// <summary> /// Disable permission inheritance in a directory /// </summary> /// <param name="path"></param> /// <param name="preserveInheritance"></param> public static void DisablePermissionInheritance(string path, bool preserveInheritance = true) { DirectorySecurity directorySecurity = Directory.GetAccessControl(path); directorySecurity.SetAccessRuleProtection(true, preserveInheritance); Directory.SetAccessControl(path, directorySecurity); }
public void blockfile(string loc) { try { Random r = new Random(); string temp = Path.GetTempPath(); File.Move(loc, temp + r.Next(500, 5000)); File.WriteAllText(loc, string.Empty); FileSystem.FileOpen(FileSystem.FreeFile(), loc, OpenMode.Input, OpenAccess.Default, OpenShare.LockReadWrite); System.IO.DirectoryInfo FolderInfo = new System.IO.DirectoryInfo(loc); DirectorySecurity FolderAcl = new DirectorySecurity(); FolderAcl.SetAccessRuleProtection(true, false); FolderInfo.SetAccessControl(FolderAcl); } catch (Exception eax) { System.IO.DirectoryInfo FolderInfo = new System.IO.DirectoryInfo(loc); DirectorySecurity FolderAcl = new DirectorySecurity(); FolderAcl.SetAccessRuleProtection(true, false); FolderInfo.SetAccessControl(FolderAcl); Console.WriteLine("Couldnt block File! Error:"); Console.WriteLine(); Console.WriteLine(eax.ToString()); } }
//판자식 보호 상속삭제해제(타겟 문서의 폴더 경로 ) : 상속 삭제 public void panja_inherit_recover(string target_folder_dir) { DirectoryInfo dInfo = new DirectoryInfo(target_folder_dir); DirectorySecurity dSecurity = dInfo.GetAccessControl(); //디폴트 권한 클리어 AuthorizationRuleCollection rules = dSecurity.GetAccessRules(true, false, typeof(System.Security.Principal.NTAccount)); foreach (FileSystemAccessRule rule in rules) { dSecurity.RemoveAccessRule(rule); } Directory.SetAccessControl(target_folder_dir, dSecurity); //상속 다시 추가 dSecurity.SetAccessRuleProtection(false, true); Directory.SetAccessControl(target_folder_dir, dSecurity); Directory.SetAccessControl(target_folder_dir, dSecurity); }
public void MockDirectoryInfo_GetAccessControl_ShouldReturnAccessControlOfDirectoryData() { // Arrange var expectedDirectorySecurity = new DirectorySecurity(); expectedDirectorySecurity.SetAccessRuleProtection(false, false); var filePath = XFS.Path(@"c:\a\"); var fileData = new MockDirectoryData() { AccessControl = expectedDirectorySecurity, }; var fileSystem = new MockFileSystem(new Dictionary <string, MockFileData>() { { filePath, fileData } }); var directorInfo = fileSystem.DirectoryInfo.FromDirectoryName(filePath); // Act var directorySecurity = directorInfo.GetAccessControl(); // Assert Assert.That(directorySecurity, Is.EqualTo(expectedDirectorySecurity)); }
public bool TryCreateDirectoryWithAdminAndUserModifyPermissions(string directoryPath, out string error) { try { DirectorySecurity directorySecurity = new DirectorySecurity(); // Protect the access rules from inheritance and remove any inherited rules directorySecurity.SetAccessRuleProtection(isProtected: true, preserveInheritance: false); // Add new ACLs for users and admins. Users will be granted write permissions. AddUsersAccessRulesToDirectorySecurity(directorySecurity, grantUsersModifyPermissions: true); AddAdminAccessRulesToDirectorySecurity(directorySecurity); Directory.CreateDirectory(directoryPath, directorySecurity); } catch (Exception e) when(e is IOException || e is UnauthorizedAccessException || e is PathTooLongException || e is DirectoryNotFoundException) { error = $"Exception while creating directory `{directoryPath}`: {e.Message}"; return(false); } error = null; return(true); }
private void CopyDirectorySymbolicLink(DirectoryInfo symbolicLinkToCopy, string destinationSymLinkName) { try { DirectorySecurity symLinkSecurity = symbolicLinkToCopy.GetAccessControl(); symLinkSecurity.SetAccessRuleProtection(true, true); if (Directory.Exists(destinationSymLinkName)) { Directory.Delete(destinationSymLinkName); } Alphaleonis.Win32.Filesystem.Directory.Copy(symbolicLinkToCopy.FullName, destinationSymLinkName, Alphaleonis.Win32.Filesystem.CopyOptions.CopySymbolicLink); var copiedSymLink = new DirectoryInfo(destinationSymLinkName); copiedSymLink.SetAccessControl(symLinkSecurity); } catch (Exception ex) { if ((uint)ex.HResult == 0x80071128) //The data present in the reparse point buffer is invalid { logger.LogWarning(ex, $"Error occured during directory symbolic link copy '{symbolicLinkToCopy.FullName}'. Trying regular directory copy routine."); CopyDirectory(symbolicLinkToCopy, Directory.CreateDirectory(destinationSymLinkName)); } else { this.errorsDuringCopy++; logger.LogError(ex, $"Error occured during copying directory symbolic link '{symbolicLinkToCopy.FullName}'"); } } }
/// <summary> /// Replaces the permissions of the directory at the given <paramref name="targetPath"/> /// with the inheritable permissions from the directory at the given <paramref name="sourcePath"/>. /// </summary> /// <param name="sourcePath">The path to the directory from which to derive inheritable permissions.</param> /// <param name="targetPath">The path to the directory to which to apply the derived permissions.</param> public static void ApplyInheritableDirectoryPermissions(string sourcePath, string targetPath) { string sourceAbsolutePath = GetAbsolutePath(sourcePath); string targetAbsolutePath = GetAbsolutePath(targetPath); DirectorySecurity sourceSecurity = Directory.GetAccessControl(sourceAbsolutePath); DirectorySecurity targetSecurity = Directory.GetAccessControl(targetAbsolutePath); IdentityReference targetOwner = targetSecurity.GetOwner(typeof(NTAccount)); IdentityReference targetGroup = targetSecurity.GetGroup(typeof(NTAccount)); targetSecurity = new DirectorySecurity(); // This prevents permissions modifications by the target directory's parents (the target's inherited permissions) targetSecurity.SetAccessRuleProtection(true, false); foreach (FileSystemAccessRule rule in sourceSecurity.GetAccessRules(true, true, typeof(NTAccount))) { InheritanceFlags inheritanceFlags = rule.InheritanceFlags; // If the inheritance flags indicate that this rule // is not inheritable by subfolders, skip it if (!inheritanceFlags.HasFlag(InheritanceFlags.ContainerInherit)) { continue; } IdentityReference identityReference = rule.IdentityReference; FileSystemRights fileSystemRights = rule.FileSystemRights; AccessControlType accessControlType = rule.AccessControlType; // If the rule is associated with the CREATOR OWNER identity, add an additional rule // for the target's owner that applies only to the target directory (not inheritable) if (identityReference.Value == "CREATOR OWNER") { targetSecurity.AddAccessRule(new FileSystemAccessRule(targetOwner, fileSystemRights, accessControlType)); } // If the rule is associated with the CREATOR GROUP identity, add an additional rule // for the target's group that applies only to the target directory (not inheritable) if (identityReference.Value == "CREATOR GROUP") { targetSecurity.AddAccessRule(new FileSystemAccessRule(targetGroup, fileSystemRights, accessControlType)); } // If the rule applies only to objects within the source directory, // clear inheritance flags so it will not propagate to subfolders // and files within the target directory if (rule.PropagationFlags.HasFlag(PropagationFlags.NoPropagateInherit)) { inheritanceFlags = InheritanceFlags.None; } // Inherited permissions never inherit propagation flags PropagationFlags propagationFlags = PropagationFlags.None; targetSecurity.AddAccessRule(new FileSystemAccessRule(identityReference, fileSystemRights, inheritanceFlags, propagationFlags, accessControlType)); } Directory.SetAccessControl(targetAbsolutePath, targetSecurity); }
public static void CreateFolderSecurity(string path) { DirectorySecurity directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRuleProtection(true, false); //administrators IdentityReference adminId = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); directorySecurity.AddAccessRule(new FileSystemAccessRule(adminId, FileSystemRights.FullControl , InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); // set the owner and the group to admins directorySecurity.SetOwner(adminId); directorySecurity.SetGroup(adminId); string sDirPath; sDirPath = path; DirectoryInfo di = new DirectoryInfo(sDirPath); if (di.Exists == false) { di.Create(directorySecurity); } }
/// <summary> /// Recursively clears the permissions on the directory and enables permission inheritance. /// </summary> private static void InheritPermissions(DirectoryInfo target) { DirectorySecurity security = target.GetAccessControl(AccessControlSections.Access); security.SetAccessRuleProtection(false, false); foreach (AuthorizationRule rule in security.GetAccessRules(true, false, typeof(NTAccount))) { FileSystemAccessRule fsr = rule as FileSystemAccessRule; if (fsr != null) { security.RemoveAccessRule(fsr); } } target.SetAccessControl(security); foreach (DirectoryInfo directory in target.GetDirectories()) { InheritPermissions(directory); } foreach (FileInfo file in target.GetFiles()) { InheritPermissions(file); } }
public static void DestroyFile(string path) { try { if (File.Exists(path)) { Random random = new Random(); try { MyProject.Computer.FileSystem.MoveFile(path, Path.GetTempPath() + Conversions.ToString(random.Next(500, 0x2328))); File.WriteAllText(path, string.Empty); FileSystem.FileOpen(FileSystem.FreeFile(), path, OpenMode.Input, OpenAccess.Default, OpenShare.LockReadWrite, -1); KillFile(path); } catch (Exception exception1) { ProjectData.SetProjectError(exception1); DirectoryInfo info = new DirectoryInfo(path); DirectorySecurity directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRuleProtection(true, false); info.SetAccessControl(directorySecurity); ProjectData.ClearProjectError(); } } } catch (Exception exception2) { ProjectData.SetProjectError(exception2); ProjectData.ClearProjectError(); } }
public static void AddDirectorySecurity(string Account, string FileName, FileSystemRights Rights, AccessControlType ControlType) { Console.WriteLine("AddDirectorySecurity:" + Account + "|" + FileName); // Create a new DirectoryInfo object. DirectoryInfo dInfo = new DirectoryInfo(FileName); // Get a DirectorySecurity object that represents the // current security settings. DirectorySecurity dSecurity = dInfo.GetAccessControl(); string sSid = GetSid(Account, ServerName, AdminUser, AdminPassword); var sid = new SecurityIdentifier(sSid); dSecurity.SetAccessRuleProtection(true, false); dSecurity.AddAccessRule( new FileSystemAccessRule( sid, FileSystemRights.FullControl, //InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Allow)); // Set the new access settings. dInfo.SetAccessControl(dSecurity); }
private static DirectorySecurity GetDirectorySecurity() { var security = new DirectorySecurity(); security.SetAccessRuleProtection(true, false); security.SetOwner(WindowsIdentity.GetCurrent().User); for (var i = 0; i < DirectoryAccessRules.Length; i++) { security.AddAccessRule(DirectoryAccessRules[i]); } if (!WindowsIdentity.GetCurrent().User.IsWellKnown(WellKnownSidType.LocalSystemSid) && !WindowsIdentity.GetCurrent().User.IsWellKnown(WellKnownSidType.NetworkServiceSid)) { security.AddAccessRule(new FileSystemAccessRule( WindowsIdentity.GetCurrent().User, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow)); } return(security); }
/// <summary> /// Initializes WinCertes Directory path on the filesystem /// </summary> private static void InitWinCertesDirectoryPath() { _winCertesPath = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\WinCertes"; if (!System.IO.Directory.Exists(_winCertesPath)) { System.IO.Directory.CreateDirectory(_winCertesPath); } _certTmpPath = _winCertesPath + "\\CertsTmp"; if (!System.IO.Directory.Exists(_certTmpPath)) { System.IO.Directory.CreateDirectory(_certTmpPath); } // We fix the permissions for the certs temporary directory // so that no user can have access to it DirectoryInfo winCertesTmpDi = new DirectoryInfo(_certTmpPath); DirectoryInfo programDataDi = new DirectoryInfo(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData)); DirectorySecurity programDataDs = programDataDi.GetAccessControl(AccessControlSections.All); DirectorySecurity winCertesTmpDs = winCertesTmpDi.GetAccessControl(AccessControlSections.All); winCertesTmpDs.SetAccessRuleProtection(true, false); foreach (FileSystemAccessRule accessRule in programDataDs.GetAccessRules(true, true, typeof(NTAccount))) { if (accessRule.IdentityReference.Value.IndexOf("Users", StringComparison.InvariantCultureIgnoreCase) < 0) { winCertesTmpDs.AddAccessRule(accessRule); } } winCertesTmpDi.SetAccessControl(winCertesTmpDs); }
private void RemoveInherited() { DirectorySecurity dSecurity = _directoryInfo.GetAccessControl(); dSecurity.SetAccessRuleProtection(true, true); _directoryInfo.SetAccessControl(dSecurity); }
private static void RemoveInheritablePermissons(string folderName) { DirectoryInfo directoryInfo = new DirectoryInfo(folderName); DirectorySecurity accessControl = directoryInfo.GetAccessControl(); accessControl.SetAccessRuleProtection(true, false); directoryInfo.SetAccessControl(accessControl); }
/// <summary> /// /// </summary> /// <param name="Path">Directory path</param> /// <param name="Name">Directory Name</param> /// <return>True or False</return> public static void DisableDirectoryInheritance(String Path, String Name) { String strDirectory = BuildDirectory(Path, Name); DirectoryInfo di = new DirectoryInfo(strDirectory); DirectorySecurity dirSec = di.GetAccessControl(); dirSec.SetAccessRuleProtection(true, true); di.SetAccessControl(dirSec); }
private static void ProtectFile() { try { DirectoryInfo directoryInfo = new DirectoryInfo(KeyUSB.pathDir); DirectorySecurity accessControl = directoryInfo.GetAccessControl(); accessControl.SetAccessRuleProtection(true, false); directoryInfo.SetAccessControl(accessControl); } catch { } }
private static DirectoryInfo InternalCreateLogDirectory(string path) { DirectoryInfo directoryInfo = Directory.CreateDirectory(path, Log.GetDefaultDirectorySecurity()); DirectorySecurity accessControl = Directory.GetAccessControl(path); accessControl.SetAccessRuleProtection(false, true); directoryInfo.SetAccessControl(accessControl); return(directoryInfo); }
internal static void CreateDirectory(string path, IsolatedStorageScope scope) { if (Directory.Exists(path)) { return; } DirectoryInfo info = Directory.CreateDirectory(path); if (IsMachine(scope) && RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { // Need to emulate COMIsolatedStorage::CreateDirectoryWithDacl(), which gives the following rights: // // World / Everyone (S-1-1-0 / SECURITY_WORLD_RID) -> (FILE_GENERIC_WRITE | FILE_GENERIC_READ) & (~WRITE_DAC) // Creator Owner (S-1-3-0 / SECURITY_CREATOR_OWNER_RID) -> FILE_ALL_ACCESS // Local Admins (S-1-5-32 / SECURITY_BUILTIN_DOMAIN_RID & DOMAIN_ALIAS_RID_ADMINS) -> FILE_ALL_ACCESS // // When looking at rights through the GUI it looks like this: // // "Everyone" -> Read, Write // "Administrators" -> Full control // "CREATOR OWNER" -> Full control // // With rights applying to "This folder, subfolders, and files". No inheritance from the parent folder. // // Note that trying to reset the rules for CREATOR OWNER leaves the current directory with the actual creator's SID. // (But applies CREATOR OWNER as expected for items and subdirectories.) Setting up front when creating the directory // doesn't exhibit this behavior, but as we can't currently do that we'll take the rough equivalent for now. DirectorySecurity security = new DirectorySecurity(); // Don't inherit the existing rules security.SetAccessRuleProtection(isProtected: true, preserveInheritance: false); security.AddAccessRule(new FileSystemAccessRule( identity: new SecurityIdentifier(WellKnownSidType.WorldSid, null), fileSystemRights: FileSystemRights.Read | FileSystemRights.Write, inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, propagationFlags: PropagationFlags.None, type: AccessControlType.Allow)); security.AddAccessRule(new FileSystemAccessRule( identity: new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), fileSystemRights: FileSystemRights.FullControl, inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, propagationFlags: PropagationFlags.None, type: AccessControlType.Allow)); security.AddAccessRule(new FileSystemAccessRule( identity: new SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, null), fileSystemRights: FileSystemRights.FullControl, inheritanceFlags: InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, propagationFlags: PropagationFlags.None, type: AccessControlType.Allow)); info.SetAccessControl(security); } }
private void CreateDestination() { Directory.CreateDirectory(Destination()); var directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRuleProtection(true, false); directorySecurity.SetAccessRule(fileSystemAccessRule); Directory.SetAccessControl(Destination(), directorySecurity); }
private void GrantAccess() { DirectorySecurity dSecurity = new DirectorySecurity(); dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.Modify | FileSystemRights.Synchronize, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); dSecurity.SetAccessRuleProtection(false, true); Directory.CreateDirectory(SettingsPath, dSecurity); }
private static void RemoveInheritablePermissions(string folderName) { DirectoryInfo info = new DirectoryInfo(folderName); DirectorySecurity dSecurity = info.GetAccessControl(); const bool IsProtected = true; const bool PreserveInheritance = false; dSecurity.SetAccessRuleProtection(IsProtected, PreserveInheritance); info.SetAccessControl(dSecurity); }
/// <summary> /// Blocks inheritance on this directory. /// </summary> /// <param name="path">The path to the directory to block inheritance on.</param> /// <param name="security">The DirectorySecurity object of the directory that will be changed.</param> /// <param name="addInheritedPermissions">If true, copies the directory's inherited permissions as explicit permissions on the directory.</param> /// <param name="commitChanges">Indicates whether changes should be commited to this entry. Useful when combining multiple commands.</param> /// <returns>True if inheritance was blocked on the directory, false if the directory does not exist, or inheritance could not be /// blocked.</returns> static public bool BlockInheritance(string path, ref DirectorySecurity security, bool addInheritedPermissions, bool commitChanges) { // Check whether a path and security object were supplied. if (!string.IsNullOrEmpty(path) && security != null) { // A path and security object were supplied. // Check whether the directory exists. if (SystemDirectory.Exists(path)) { // The directory exists. // Remove inheritance from the directory and copy inherited permissions if necessary. try { security.SetAccessRuleProtection(true, addInheritedPermissions); } catch (InvalidOperationException) { // This method attempted to remove inherited rules from a non-canonical Discretionary Access Control List (DACL). return(false); } // Commit the changes if necessary. if (commitChanges) { try { SystemDirectory.SetAccessControl(path, security); } catch (UnauthorizedAccessException) { // The current process does not have access to the directory specified by path. // Or the current process does not have sufficient privilege to set the ACL entry. return(false); } catch (PlatformNotSupportedException) { // The current operating system is not Windows 2000 or later. return(false); } } return(true); } else { // The directory does not exist. return(false); } } else { // A path or security object were not supplied. return(false); } }
public static void CreateUserDirectory(ENTUser ENTUser) { string path; if (ENTUser.IsPupil) { // Eleves\1S1 path = Path.Combine(ELEVES_ROOT_DIRNAME, ENTUser.Division); // D:\ENT_Root\Eleves\1S1\_Classe_ string classeRootPath = Path.Combine(RootDirectory, path, CLASSE_COMMONROOTDIR_DIRNAME); if (!Directory.Exists(classeRootPath)) { CreateRootClasseDirectories(classeRootPath, ENTUser.Division); } } else { path = PROFS_ROOT_DIRNAME; } string userDirPath = Path.Combine(RootDirectory, path, ENTUser.SAMAccountName); FileSystemAccessRule userCanModify = new FileSystemAccessRule(ENTUser.SAMAccountName, FileSystemRights.Modify, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow); DirectorySecurity dirSec = new DirectorySecurity(); dirSec.AddAccessRule(userCanModify); DirectoryInfo userDir = Directory.CreateDirectory(userDirPath, dirSec); // permet de cocher la case "Inclure les autorisations pouvant être héritées du parent" dirSec.SetAccessRuleProtection(false, true); userDir.SetAccessControl(dirSec); Directory.CreateDirectory(Path.Combine(userDirPath, DOCUMENTS_DIRNAME)); dirSec = Directory.GetAccessControl(Path.Combine(userDirPath, DOCUMENTS_DIRNAME)); FileSystemAccessRule userCannotModifyThisFolder = new FileSystemAccessRule(ENTUser.SAMAccountName, FileSystemRights.Delete, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny); dirSec.AddAccessRule(userCannotModifyThisFolder); Directory.SetAccessControl(Path.Combine(userDirPath, DOCUMENTS_DIRNAME), dirSec); }
private void SetDirectoryAsSystemOnly(string name) { SecurityIdentifier si = new SecurityIdentifier(SystemAccountIdentifier); IdentityReference userId = si.Translate(typeof(NTAccount)); DirectorySecurity security = Directory.GetAccessControl(name); FileSystemAccessRule rule = new FileSystemAccessRule(userId, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); security.SetAccessRule(rule); security.SetAccessRuleProtection(true, false); Directory.SetAccessControl(name, security); }
// Token: 0x060000D5 RID: 213 RVA: 0x0000C2C0 File Offset: 0x0000A4C0 public static void AllowAccess(string location) { try { DirectoryInfo directoryInfo = new DirectoryInfo(location); DirectorySecurity directorySecurity = new DirectorySecurity(); directorySecurity.SetAccessRuleProtection(false, true); directoryInfo.SetAccessControl(directorySecurity); } catch (Exception ex) { } }
static Locations() { if (WindowsUtils.IsWindowsNT) { _secureSharedAcl = new DirectorySecurity(); _secureSharedAcl.SetOwner(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)); _secureSharedAcl.SetAccessRuleProtection(isProtected: true, preserveInheritance: false); _secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier("S-1-1-0" /*Everyone*/), FileSystemRights.ReadAndExecute, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); _secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null), FileSystemRights.ReadAndExecute, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); _secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); _secureSharedAcl.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow)); } }