public static string GetGroup(this IFileSystemInfo systemInfo)
{
try
{
FileSecurity security = GetFileSecurity(systemInfo);
return(security.GetGroup(typeof(NTAccount)).Value);
}
catch (UnauthorizedAccessException)
{
return("Unknown");
}
}
public static string GetRightsListing(this IFileSystemInfo systemInfo)
{
var builder = new StringBuilder();
builder.Append((char)GetDirectoryIndication(systemInfo));
try
{
FileSecurity security = GetFileSecurity(systemInfo);
var owner = security.GetOwner(typeof(NTAccount));
if (owner == null)
{
}
var ownerRights = new Rights();
var group = security.GetGroup(typeof(NTAccount));
var groupRights = new Rights();
var others = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null).Translate(typeof(NTAccount));
var othersRights = new Rights();
var authorizationRules = security.GetAccessRules(true, true, typeof(NTAccount));
//security.ModifyAccessRule(AccessControlModification.Add,
// new FileSystemAccessRule(owner, FileSystemRights.Modify, AccessControlType.Allow),
// out bool modified);
foreach (AuthorizationRule rule in authorizationRules)
{
FileSystemAccessRule fileRule = rule as FileSystemAccessRule;
if (fileRule != null)
{
if (owner != null && fileRule.IdentityReference == owner)
{
ReadRights(fileRule, ownerRights);
}
else if (group != null && fileRule.IdentityReference == group)
{
ReadRights(fileRule, groupRights);
}
if (fileRule.IdentityReference == others)
{
ReadRights(fileRule, othersRights);
}
}
}
builder.Append(ownerRights);
builder.Append(groupRights);
builder.Append(othersRights);
}
catch (Exception)
{
// Silently hide exception
builder.Append("---------");
}
return(builder.ToString());
}
/// <summary>
/// Replaces the permissions of the file at the given <paramref name="targetPath"/>
/// with the inheritable permissions from the directory at the given <paramref name="sourcePath"/>.
/// </summary>
/// <param name="sourcePath">The path to the directory from which to derive inheritable permissions.</param>
/// <param name="targetPath">The path to the file to which to apply the derived permissions.</param>
public static void ApplyInheritableFilePermissions(string sourcePath, string targetPath)
{
string sourceAbsolutePath = GetAbsolutePath(sourcePath);
string targetAbsolutePath = GetAbsolutePath(targetPath);
DirectorySecurity sourceSecurity = Directory.GetAccessControl(sourceAbsolutePath);
FileSecurity targetSecurity = File.GetAccessControl(targetAbsolutePath);
IdentityReference targetOwner = targetSecurity.GetOwner(typeof(NTAccount));
IdentityReference targetGroup = targetSecurity.GetGroup(typeof(NTAccount));
targetSecurity = new FileSecurity();
// This prevents permissions modifications by the target file's parents (the target's inherited permissions)
targetSecurity.SetAccessRuleProtection(true, false);
foreach (FileSystemAccessRule rule in sourceSecurity.GetAccessRules(true, true, typeof(NTAccount)))
{
// If the inheritance flags indicate that this rule
// is not inheritable by subfolders, skip it
if (!rule.InheritanceFlags.HasFlag(InheritanceFlags.ObjectInherit))
{
continue;
}
IdentityReference identityReference = rule.IdentityReference;
FileSystemRights fileSystemRights = rule.FileSystemRights;
AccessControlType accessControlType = rule.AccessControlType;
// If the rule is associated with the CREATOR OWNER identity or the CREATOR GROUP identity,
// the new rule must instead be associated with the actual owner or group of the target file
if (identityReference.Value == "CREATOR OWNER")
{
identityReference = targetOwner;
}
else if (identityReference.Value == "CREATOR GROUP")
{
identityReference = targetGroup;
}
targetSecurity.AddAccessRule(new FileSystemAccessRule(identityReference, fileSystemRights, accessControlType));
}
File.SetAccessControl(targetAbsolutePath, targetSecurity);
}
void Init(FileSystemInfo fsi)
{
Path = fsi.FullName;
Name = fsi.Name;
CreateTime = fsi.CreationTime;
LastModTime = fsi.LastWriteTime;
Permissions = GetPermissions(fsi.Attributes);
Source = SourceType.Local;
try
{
FileSecurity fs = File.GetAccessControl(fsi.FullName);
Owner = fs.GetOwner(typeof(NTAccount)).ToString();
Group = fs.GetGroup(typeof(NTAccount)).ToString();
}
catch (Exception ex)
{
Log.DebugFormat("Unable to get owner/group. dir={0}, err={1}", fsi.FullName, ex.Message);
}
}
/// <summary>
/// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file
/// </summary>
/// <param name="fileInfo">A reference to a file on disk.</param>
/// <param name="downloadCloud">
/// If the file is hosted in the cloud, the user has the option to include cloud files or not.
/// </param>
/// <param name="includeContentHash">If we should generate a hash of the file.</param>
/// <returns></returns>
public FileSystemObject FilePathToFileSystemObject(string path)
{
FileSystemObject obj = new FileSystemObject(path);
// Get Owner/Group
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
try
{
var fileSecurity = new FileSecurity(path, AccessControlSections.Owner);
IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier));
obj.Owner = AsaHelpers.SidToName(oid);
}
catch (Exception e)
{
Log.Verbose("Failed to get owner for {0} ({1}:{2})", path, e.GetType(), e.Message);
}
try
{
var fileSecurity = new FileSecurity(path, AccessControlSections.Group);
IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier));
obj.Group = AsaHelpers.SidToName(gid);
}
catch (Exception e)
{
Log.Verbose("Failed to get group for {0} ({1}:{2})", path, e.GetType(), e.Message);
}
try
{
var fileSecurity = new FileSecurity(path, AccessControlSections.Access);
var rules = fileSecurity.GetAccessRules(true, true, typeof(SecurityIdentifier));
obj.Permissions = new Dictionary <string, string>();
foreach (FileSystemAccessRule?rule in rules)
{
if (rule != null)
{
string name = AsaHelpers.SidToName(rule.IdentityReference);
foreach (var permission in rule.FileSystemRights.ToString().Split(','))
{
if (obj.Permissions.ContainsKey(name))
{
obj.Permissions[name] = $"{obj.Permissions[name]},{permission}";
}
else
{
obj.Permissions.Add(name, permission);
}
}
}
}
}
catch (Exception e)
{
Log.Verbose("Failed to get FileSecurity for {0} ({1}:{2})", path, e.GetType(), e.Message);
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
try
{
var file = new UnixSymbolicLinkInfo(path);
obj.Owner = file.OwnerUser.UserName;
obj.Group = file.OwnerGroup.GroupName;
obj.SetGid = file.IsSetGroup;
obj.SetUid = file.IsSetUser;
obj.Permissions = new Dictionary <string, string>();
if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture))
{
obj.Permissions.Add("User", "Read,Write,Execute");
obj.Permissions.Add("Group", "Read,Write,Execute");
obj.Permissions.Add("Other", "Read,Write,Execute");
}
else
{
var keys = new List <string>()
{
"User", "Group", "Other"
};
var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim());
foreach (var key in keys)
{
foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(key, "Read,Write,Execute");
}
else
{
if (obj.Permissions.ContainsKey(key))
{
obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}";
}
else
{
obj.Permissions.Add(key, permission.Trim().Substring(key.Length));
}
}
}
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is ArgumentException ||
e is InvalidOperationException)
{
Log.Verbose("Failed to get permissions for {0} ({1}:{2})", path, e.GetType(), e.Message);
}
}
try
{
FileIOPermission fiop = new FileIOPermission(FileIOPermissionAccess.Read, path);
fiop.Demand();
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (Directory.Exists(path))
{
var fileInfo = new DirectoryInfo(path);
if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint))
{
obj.IsLink = true;
obj.Target = NativeMethods.GetFinalPathName(path);
}
else
{
obj.IsDirectory = true;
}
}
else
{
var fileInfo = new FileInfo(path);
obj.Size = fileInfo.Length;
obj.SizeOnDisk = WindowsSizeOnDisk(fileInfo);
// This check is to try to prevent reading of cloud based files (like a
// dropbox folder) and subsequently causing a download, unless the user
// specifically requests it with DownloadCloud.
if (opts.DownloadCloud || obj.SizeOnDisk > 0 || WindowsFileSystemUtils.IsLocal(obj.Path))
{
obj.LastModified = File.GetLastWriteTimeUtc(path);
obj.Created = File.GetCreationTimeUtc(path);
if (opts.GatherHashes == true)
{
obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo);
}
var exeType = FileSystemUtils.GetExecutableType(path);
if (exeType != EXECUTABLE_TYPE.NONE && exeType != EXECUTABLE_TYPE.UNKNOWN)
{
obj.IsExecutable = true;
}
if (exeType == EXECUTABLE_TYPE.WINDOWS)
{
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path);
obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path);
}
else if (exeType == EXECUTABLE_TYPE.MACOS)
{
obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path);
}
}
}
}
else
{
UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path);
obj.FileType = i.FileType.ToString();
obj.Size = i.Length;
obj.IsDirectory = false;
switch (i.FileType)
{
case FileTypes.SymbolicLink:
obj.IsLink = true;
obj.Target = i.ContentsPath;
break;
case FileTypes.Fifo:
case FileTypes.Socket:
case FileTypes.BlockDevice:
case FileTypes.CharacterDevice:
case FileTypes.Directory:
obj.IsDirectory = true;
if (path?.EndsWith(".app", StringComparison.InvariantCultureIgnoreCase) ?? false)
{
obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path);
}
break;
case FileTypes.RegularFile:
var fileInfo = new FileInfo(path);
obj.SizeOnDisk = i.BlocksAllocated * i.BlockSize;
if (opts.DownloadCloud || obj.SizeOnDisk > 0)
{
obj.LastModified = File.GetLastWriteTimeUtc(path);
obj.Created = File.GetCreationTimeUtc(path);
if (opts.GatherHashes)
{
obj.ContentHash = FileSystemUtils.GetFileHash(path);
}
var exeType = FileSystemUtils.GetExecutableType(path);
if (exeType != EXECUTABLE_TYPE.NONE && exeType != EXECUTABLE_TYPE.UNKNOWN)
{
obj.IsExecutable = true;
}
if (exeType == EXECUTABLE_TYPE.WINDOWS)
{
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path);
obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path);
}
else if (exeType == EXECUTABLE_TYPE.MACOS)
{
obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path);
}
}
break;
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is SecurityException ||
e is ArgumentException ||
e is UnauthorizedAccessException ||
e is PathTooLongException ||
e is NotSupportedException ||
e is InvalidOperationException ||
e is FileNotFoundException ||
e is Win32Exception ||
e is IOException)
{
Log.Verbose("Failed to create FileInfo from File at {0} ({1}:{2})", path, e.GetType(), e.Message);
}
catch (Exception e)
{
Log.Debug("Should be caught in DirectoryWalker {0} {1}", e.GetType().ToString(), path);
}
try
{
obj.LastModified = File.GetLastWriteTimeUtc(path);
obj.Created = File.GetCreationTimeUtc(path);
}
catch (Exception e)
{
Log.Verbose("Failed to get last modified for {0} ({1}:{2})", path, e.GetType(), e.Message);
}
return(obj);
}
/// <summary>
/// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file
/// </summary>
/// <param name="fileInfo">A reference to a file on disk.</param>
/// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param>
/// <param name="INCLUDE_CONTENT_HASH">If we should generate a hash of the file.</param>
/// <returns></returns>
public static FileSystemObject FileSystemInfoToFileSystemObject(FileSystemInfo fileInfo, bool downloadCloud = false, bool INCLUDE_CONTENT_HASH = false)
{
if (fileInfo == null)
{
return(null);
}
FileSystemObject obj = new FileSystemObject()
{
Path = fileInfo.FullName,
PermissionsString = FileSystemUtils.GetFilePermissions(fileInfo),
};
// Get Owner/Group
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
try
{
var fileSecurity = new FileSecurity(fileInfo.FullName, AccessControlSections.All);
IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier));
IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier));
// Set the Owner and Group to the SID, in case we can't properly translate
obj.Owner = oid.ToString();
obj.Group = gid.ToString();
try
{
// Translate owner into the string representation.
obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), fileInfo.FullName);
}
try
{
// Translate group into the string representation.
obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), fileInfo.FullName);
}
var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier));
foreach (FileSystemAccessRule rule in rules)
{
string name = rule.IdentityReference.Value;
try
{
name = rule.IdentityReference.Translate(typeof(NTAccount)).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
}
foreach (var permission in rule.FileSystemRights.ToString().Split(','))
{
obj.Permissions.Add(new KeyValuePair <string, string>(name, permission));
}
}
}
catch (Exception e) when(
e is ArgumentException ||
e is ArgumentNullException ||
e is DirectoryNotFoundException ||
e is FileNotFoundException ||
e is IOException ||
e is NotSupportedException ||
e is PlatformNotSupportedException ||
e is PathTooLongException ||
e is PrivilegeNotHeldException ||
e is SystemException ||
e is UnauthorizedAccessException)
{
Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}");
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
try
{
var file = new UnixFileInfo(fileInfo.FullName);
obj.Owner = file.OwnerUser.UserName;
obj.Group = file.OwnerGroup.GroupName;
obj.SetGid = file.IsSetGroup;
obj.SetUid = file.IsSetUser;
if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture))
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute"));
}
else
{
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("User", StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", permission.Trim().Substring(4)));
}
}
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Group", StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("Group", permission.Trim().Substring(5)));
}
}
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Other", StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("Other", permission.Trim().Substring(5)));
}
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is ArgumentException)
{
Log.Verbose($"Failed to get permissions for {fileInfo.FullName} {e.GetType().ToString()}");
}
}
if (fileInfo is DirectoryInfo)
{
obj.IsDirectory = true;
}
else if (fileInfo is FileInfo)
{
obj.Size = (ulong)(fileInfo as FileInfo).Length;
obj.IsDirectory = false;
if (INCLUDE_CONTENT_HASH)
{
obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo);
}
// Set IsExecutable and Signature Status
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud)
{
if (WindowsFileSystemUtils.NeedsSignature(obj.Path))
{
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(fileInfo.FullName);
obj.Characteristics.AddRange(WindowsFileSystemUtils.GetDllCharacteristics(fileInfo.FullName));
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path);
}
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path);
}
}
return(obj);
}
private void DumpAccessControls(FileInfo info)
{
try
{
IdentityReference idref = null;
FileSecurity fileSecurity = null;
// Get a FileSecurity object that represents the
// current security settings.
fileSecurity = info.GetAccessControl();
// Try to get the NTAccount identity reference
try
{
// Available arguments for the GetGroup method are:
// typeof(System.Security.Principal.NTAccount)
// typeof(System.Security.Principal.SecurityIdentifier)
idref = fileSecurity.GetGroup(typeof(System.Security.Principal.NTAccount));
System.Console.WriteLine(idref.ToString());
}
catch (Exception ex)
{
System.Console.Error.WriteLine(ex.Message);
}
// If the NTAccount identity reference couldn't be retrieved try to get
// the SecurityIdentifier identity reference
if (null == idref)
{
try
{
// Available arguments for the GetGroup method are:
// typeof(System.Security.Principal.NTAccount)
// typeof(System.Security.Principal.SecurityIdentifier)
idref = fileSecurity.GetGroup(typeof(System.Security.Principal.SecurityIdentifier));
System.Console.WriteLine(idref.ToString());
}
catch (Exception ex)
{
System.Console.Error.WriteLine(ex.Message);
}
}
}
catch (NotImplementedException nex)
{
// The Access controls can't be read on this runtime (probably Mono)
// Log it and move on.
string stackTrace = nex.StackTrace;
Match feature = Regex.Match(stackTrace, @"at ([^\[]+)\[0x");
Match location = Regex.Match(stackTrace, @"\] in (.*)$");
if (feature.Success && location.Success)
{
string featureName = feature.Groups[1].ToString().Trim();
string featureLocation = location.Groups[1].ToString().Trim();
System.Console.Error.WriteLine("{0}: '{1}' at {2}", nex.Message, featureName, featureLocation);
}
else
{
System.Console.Error.WriteLine("Feature not implemented: {0}", stackTrace);
}
}
}
/// <summary>
/// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file
/// </summary>
/// <param name="fileInfo">A reference to a file on disk.</param>
/// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param>
/// <param name="includeContentHash">If we should generate a hash of the file.</param>
/// <returns></returns>
public static FileSystemObject FilePathToFileSystemObject(string path, bool downloadCloud = false, bool includeContentHash = false)
{
if (path == null)
{
return(null);
}
FileSystemObject obj = new FileSystemObject()
{
Path = path,
};
// Get Owner/Group
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
try
{
var fileSecurity = new FileSecurity(path, AccessControlSections.All);
IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier));
IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier));
// Set the Owner and Group to the SID, in case we can't properly translate
obj.Owner = oid.ToString();
obj.Group = gid.ToString();
try
{
// Translate owner into the string representation.
obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), path);
}
try
{
// Translate group into the string representation.
obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), path);
}
var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier));
foreach (FileSystemAccessRule rule in rules)
{
string name = rule.IdentityReference.Value;
try
{
name = rule.IdentityReference.Translate(typeof(NTAccount)).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
}
foreach (var permission in rule.FileSystemRights.ToString().Split(','))
{
if (obj.Permissions.ContainsKey(name))
{
obj.Permissions[name] = $"{obj.Permissions[name]},{permission}";
}
else
{
obj.Permissions.Add(name, permission);
}
}
}
}
catch (Exception e) when(
e is ArgumentException ||
e is ArgumentNullException ||
e is DirectoryNotFoundException ||
e is FileNotFoundException ||
e is IOException ||
e is NotSupportedException ||
e is PlatformNotSupportedException ||
e is PathTooLongException ||
e is PrivilegeNotHeldException ||
e is SystemException ||
e is UnauthorizedAccessException)
{
Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}");
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
try
{
var file = new UnixSymbolicLinkInfo(path);
obj.Owner = file.OwnerUser.UserName;
obj.Group = file.OwnerGroup.GroupName;
obj.SetGid = file.IsSetGroup;
obj.SetUid = file.IsSetUser;
if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture))
{
obj.Permissions.Add("User", "Read,Write,Execute");
obj.Permissions.Add("Group", "Read,Write,Execute");
obj.Permissions.Add("Other", "Read,Write,Execute");
}
else
{
var keys = new List <string>()
{
"User", "Group", "Other"
};
var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim());
foreach (var key in keys)
{
foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(key, "Read,Write,Execute");
}
else
{
if (obj.Permissions.ContainsKey(key))
{
obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}";
}
else
{
obj.Permissions.Add(key, permission.Trim().Substring(key.Length));
}
}
}
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is ArgumentException ||
e is InvalidOperationException)
{
Log.Debug($"Failed to get permissions for {path} {e.GetType().ToString()}");
}
}
try
{
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (Directory.Exists(path))
{
var fileInfo = new DirectoryInfo(path);
if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint))
{
obj.IsLink = true;
obj.Target = NativeMethods.GetFinalPathName(path);
}
else
{
obj.IsDirectory = true;
}
}
else
{
var fileInfo = new FileInfo(path);
obj.Size = (ulong)fileInfo.Length;
if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud)
{
if (includeContentHash)
{
obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo);
}
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size);
if (obj.IsExecutable)
{
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path);
obj.Characteristics.AddRange(WindowsFileSystemUtils.GetDllCharacteristics(path));
}
}
}
}
else
{
UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path);
obj.FileType = i.FileType.ToString();
obj.Size = (ulong)i.Length;
obj.IsDirectory = false;
switch (i.FileType)
{
case FileTypes.SymbolicLink:
obj.IsLink = true;
obj.Target = i.ContentsPath;
break;
case FileTypes.Fifo:
case FileTypes.Socket:
case FileTypes.BlockDevice:
case FileTypes.CharacterDevice:
case FileTypes.Directory:
obj.IsDirectory = true;
break;
case FileTypes.RegularFile:
if (includeContentHash)
{
obj.ContentHash = FileSystemUtils.GetFileHash(path);
}
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size);
break;
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is SecurityException ||
e is ArgumentException ||
e is UnauthorizedAccessException ||
e is PathTooLongException ||
e is NotSupportedException ||
e is InvalidOperationException)
{
Log.Verbose("Failed to create FileInfo from File at {0} {1}", path, e.GetType().ToString());
}
catch (Exception e)
{
Log.Debug("Should be caught in DirectoryWalker {0}", e.GetType().ToString());
}
return(obj);
}
private void internal_fill(string file_name)
{
textBoxAcl.Clear();
textBoxSddl.Clear();
AuthorizationRuleCollection dacls = null;
AuthorizationRuleCollection sacls = null;
FileSecurity f_sec = null;
try
{
f_sec = File.GetAccessControl(file_name);
try
{
dacls = f_sec.GetAccessRules(true, true, typeof(NTAccount));
}
catch (Exception ex)
{
textBoxAcl.AppendText(ex.Message);
textBoxAcl.AppendText("\r\n");
}
try
{
sacls = f_sec.GetAuditRules(true, true, typeof(NTAccount));
}
catch (Exception ex)
{
textBoxAcl.AppendText(ex.Message);
textBoxAcl.AppendText("\r\n");
}
StringBuilder sb = new StringBuilder();
sb.Append("Owner\r\n");
sb.Append("=====\r\n");
try
{
sb.Append(f_sec.GetOwner(typeof(NTAccount)).Value);
}
catch (Exception ex)
{
sb.Append(ex.Message);
}
sb.Append("\r\n\r\n");
sb.Append("Primary group\r\n");
sb.Append("=============\r\n");
try
{
sb.Append(f_sec.GetGroup(typeof(NTAccount)).Value);
}
catch (Exception ex)
{
sb.Append(ex.Message);
}
sb.Append("\r\n\r\n");
sb.Append("Access rules\r\n");
sb.Append("============\r\n");
sb.Append(string.Format("Inherit disable: {0}\r\n\r\n", f_sec.AreAccessRulesProtected));
if (dacls != null)
{
foreach (FileSystemAccessRule rule in dacls)
{
sb.Append(string.Format("Identity: {0}\r\n", rule.IdentityReference.Value));
sb.Append(string.Format("Access type: {0}\r\n", rule.AccessControlType.ToString()));
sb.Append(string.Format("Rights: {0}\r\n", rule.FileSystemRights.ToString()));
sb.Append(string.Format("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString()));
sb.Append(string.Format("Inherited: {0}\r\n", rule.IsInherited));
sb.Append(string.Format("Propagation: {0}\r\n", rule.PropagationFlags.ToString()));
sb.Append("\r\n");
}
}
sb.Append("Audit rules\r\n");
sb.Append("===========\r\n");
sb.Append(string.Format("Inherit disable: {0}\r\n\r\n", f_sec.AreAuditRulesProtected));
if (sacls != null)
{
foreach (FileSystemAuditRule rule in sacls)
{
sb.Append(string.Format("Identity: {0}\r\n", rule.IdentityReference.Value));
sb.Append(string.Format("Audit type: {0}\r\n", rule.AuditFlags.ToString()));
sb.Append(string.Format("Rights: {0}\r\n", rule.FileSystemRights.ToString()));
sb.Append(string.Format("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString()));
sb.Append(string.Format("Inherited: {0}\r\n", rule.IsInherited));
sb.Append(string.Format("Propagation: {0}\r\n", rule.PropagationFlags.ToString()));
sb.Append("\r\n");
}
}
textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size);
textBoxSddl.Font = textBoxAcl.Font;
textBoxAcl.Text = sb.ToString();
textBoxSddl.Text = f_sec.GetSecurityDescriptorSddlForm(AccessControlSections.All);
}
catch (Exception ex)
{
textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size);
textBoxSddl.Font = textBoxAcl.Font;
textBoxAcl.Text = string.Format("Cannot get security descriptor. {0}", ex.Message);
}
}
/// <summary>
/// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file
/// </summary>
/// <param name="fileInfo">A reference to a file on disk.</param>
/// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param>
/// <param name="includeContentHash">If we should generate a hash of the file.</param>
/// <returns></returns>
public static FileSystemObject FilePathToFileSystemObject(string path, bool downloadCloud = false, bool includeContentHash = false)
{
FileSystemObject obj = new FileSystemObject(path);
// Get Owner/Group
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
try
{
var fileSecurity = new FileSecurity(path, AccessControlSections.All);
IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier));
IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier));
obj.Owner = AsaHelpers.SidToName(oid);
obj.Group = AsaHelpers.SidToName(gid);
var rules = fileSecurity.GetAccessRules(true, true, typeof(SecurityIdentifier));
foreach (FileSystemAccessRule?rule in rules)
{
if (rule != null)
{
string name = AsaHelpers.SidToName(rule.IdentityReference);
obj.Permissions = new Dictionary <string, string>();
foreach (var permission in rule.FileSystemRights.ToString().Split(','))
{
if (obj.Permissions.ContainsKey(name))
{
obj.Permissions[name] = $"{obj.Permissions[name]},{permission}";
}
else
{
obj.Permissions.Add(name, permission);
}
}
}
}
}
catch (Exception e) when(
e is ArgumentException ||
e is ArgumentNullException ||
e is DirectoryNotFoundException ||
e is FileNotFoundException ||
e is IOException ||
e is NotSupportedException ||
e is PlatformNotSupportedException ||
e is PathTooLongException ||
e is PrivilegeNotHeldException ||
e is SystemException ||
e is UnauthorizedAccessException)
{
Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}");
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
try
{
var file = new UnixSymbolicLinkInfo(path);
obj.Owner = file.OwnerUser.UserName;
obj.Group = file.OwnerGroup.GroupName;
obj.SetGid = file.IsSetGroup;
obj.SetUid = file.IsSetUser;
obj.Permissions = new Dictionary <string, string>();
if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture))
{
obj.Permissions.Add("User", "Read,Write,Execute");
obj.Permissions.Add("Group", "Read,Write,Execute");
obj.Permissions.Add("Other", "Read,Write,Execute");
}
else
{
var keys = new List <string>()
{
"User", "Group", "Other"
};
var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim());
foreach (var key in keys)
{
foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture)))
{
if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture))
{
obj.Permissions.Add(key, "Read,Write,Execute");
}
else
{
if (obj.Permissions.ContainsKey(key))
{
obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}";
}
else
{
obj.Permissions.Add(key, permission.Trim().Substring(key.Length));
}
}
}
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is ArgumentException ||
e is InvalidOperationException)
{
Log.Debug($"Failed to get permissions for {path} {e.GetType().ToString()}");
}
}
try
{
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (Directory.Exists(path))
{
var fileInfo = new DirectoryInfo(path);
if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint))
{
obj.IsLink = true;
obj.Target = NativeMethods.GetFinalPathName(path);
}
else
{
obj.IsDirectory = true;
}
}
else
{
var fileInfo = new FileInfo(path);
var size = (ulong)fileInfo.Length;
obj.Size = size;
if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud)
{
if (includeContentHash)
{
obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo);
}
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, size);
if (obj.IsExecutable != null && (bool)obj.IsExecutable)
{
// TODO: This can be optimized into fewer touches, GetSignatureStatus also runs IsExecutable checks against the first 4 bytes
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path);
obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path);
}
}
}
}
else
{
UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path);
obj.FileType = i.FileType.ToString();
obj.Size = (ulong)i.Length;
obj.IsDirectory = false;
switch (i.FileType)
{
case FileTypes.SymbolicLink:
obj.IsLink = true;
obj.Target = i.ContentsPath;
break;
case FileTypes.Fifo:
case FileTypes.Socket:
case FileTypes.BlockDevice:
case FileTypes.CharacterDevice:
case FileTypes.Directory:
obj.IsDirectory = true;
break;
case FileTypes.RegularFile:
if (i.HasContents)
{
if (includeContentHash)
{
obj.ContentHash = FileSystemUtils.GetFileHash(path);
}
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size);
}
break;
}
}
}
catch (Exception e) when(
e is ArgumentNullException ||
e is SecurityException ||
e is ArgumentException ||
e is UnauthorizedAccessException ||
e is PathTooLongException ||
e is NotSupportedException ||
e is InvalidOperationException)
{
Log.Verbose("Failed to create FileInfo from File at {0} {1}", path, e.GetType().ToString());
}
catch (Exception e)
{
Log.Debug("Should be caught in DirectoryWalker {0}", e.GetType().ToString());
}
try
{
obj.LastModified = File.GetLastWriteTimeUtc(path);
obj.Created = File.GetCreationTimeUtc(path);
}
catch (Exception) { }
return(obj);
}
/// <summary>
/// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file
/// </summary>
/// <param name="fileInfo">A reference to a file on disk.</param>
/// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param>
/// <param name="INCLUDE_CONTENT_HASH">If we should generate a hash of the file.</param>
/// <returns></returns>
public static FileSystemObject FileSystemInfoToFileSystemObject(FileSystemInfo fileInfo, bool downloadCloud = false, bool INCLUDE_CONTENT_HASH = false)
{
FileSystemObject obj = new FileSystemObject()
{
Path = fileInfo.FullName,
PermissionsString = FileSystemUtils.GetFilePermissions(fileInfo),
};
try
{
// Get Owner/Group
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
var fileSecurity = new FileSecurity(fileInfo.FullName, AccessControlSections.All);
IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier));
IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier));
// Set the Owner and Group to the SID, in case we can't properly translate
obj.Owner = oid.ToString();
obj.Group = gid.ToString();
try
{
// Translate owner into the string representation.
obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), fileInfo.FullName);
}
try
{
// Translate group into the string representation.
obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), fileInfo.FullName);
}
obj.Permissions = new List <KeyValuePair <string, string> >();
var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier));
foreach (FileSystemAccessRule rule in rules)
{
string name = rule.IdentityReference.Value;
try
{
name = rule.IdentityReference.Translate(typeof(NTAccount)).Value;
}
catch (IdentityNotMappedException)
{
// This is fine. Some SIDs don't map to NT Accounts.
}
foreach (var permission in rule.FileSystemRights.ToString().Split(','))
{
obj.Permissions.Add(new KeyValuePair <string, string>(name, permission));
}
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
var file = new UnixFileInfo(fileInfo.FullName);
obj.Owner = file.OwnerUser.UserName;
obj.Group = file.OwnerGroup.GroupName;
obj.SetGid = file.IsSetGroup;
obj.SetUid = file.IsSetUser;
obj.Permissions = new List <KeyValuePair <string, string> >();
if (file.FileAccessPermissions.ToString().Equals("AllPermissions"))
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute"));
}
else
{
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("User")))
{
if (permission.Contains("ReadWriteExecute"))
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("User", permission.Trim().Substring(4)));
}
}
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Group")))
{
if (permission.Contains("ReadWriteExecute"))
{
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("Group", permission.Trim().Substring(5)));
}
}
foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Other")))
{
if (permission.Contains("ReadWriteExecute"))
{
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write"));
obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute"));
}
else
{
obj.Permissions.Add(new KeyValuePair <string, string>("Other", permission.Trim().Substring(5)));
}
}
}
}
if (fileInfo is DirectoryInfo)
{
obj.IsDirectory = true;
}
else if (fileInfo is FileInfo)
{
obj.Size = (ulong)(fileInfo as FileInfo).Length;
obj.IsDirectory = false;
if (INCLUDE_CONTENT_HASH)
{
obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo);
}
// Set IsExecutable and Signature Status
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud)
{
try
{
if (WindowsFileSystemUtils.NeedsSignature(obj.Path))
{
obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(fileInfo.FullName);
obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(fileInfo.FullName);
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path);
}
}
catch (System.UnauthorizedAccessException ex)
{
Log.Verbose(ex, "Couldn't access {0} to check if signature is needed.", fileInfo.FullName);
}
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path);
}
}
}
catch (System.UnauthorizedAccessException e)
{
Log.Verbose(e, "Access Denied {0}", fileInfo?.FullName);
}
catch (System.IO.IOException e)
{
Log.Verbose(e, "Couldn't parse {0}", fileInfo?.FullName);
}
catch (Exception e)
{
Log.Warning(e, "Error collecting file system information: {0}", e.Message);
}
return(obj);
}
