public static string GetGroup(this IFileSystemInfo systemInfo) { try { FileSecurity security = GetFileSecurity(systemInfo); return(security.GetGroup(typeof(NTAccount)).Value); } catch (UnauthorizedAccessException) { return("Unknown"); } }
public static string GetRightsListing(this IFileSystemInfo systemInfo) { var builder = new StringBuilder(); builder.Append((char)GetDirectoryIndication(systemInfo)); try { FileSecurity security = GetFileSecurity(systemInfo); var owner = security.GetOwner(typeof(NTAccount)); if (owner == null) { } var ownerRights = new Rights(); var group = security.GetGroup(typeof(NTAccount)); var groupRights = new Rights(); var others = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null).Translate(typeof(NTAccount)); var othersRights = new Rights(); var authorizationRules = security.GetAccessRules(true, true, typeof(NTAccount)); //security.ModifyAccessRule(AccessControlModification.Add, // new FileSystemAccessRule(owner, FileSystemRights.Modify, AccessControlType.Allow), // out bool modified); foreach (AuthorizationRule rule in authorizationRules) { FileSystemAccessRule fileRule = rule as FileSystemAccessRule; if (fileRule != null) { if (owner != null && fileRule.IdentityReference == owner) { ReadRights(fileRule, ownerRights); } else if (group != null && fileRule.IdentityReference == group) { ReadRights(fileRule, groupRights); } if (fileRule.IdentityReference == others) { ReadRights(fileRule, othersRights); } } } builder.Append(ownerRights); builder.Append(groupRights); builder.Append(othersRights); } catch (Exception) { // Silently hide exception builder.Append("---------"); } return(builder.ToString()); }
/// <summary> /// Replaces the permissions of the file at the given <paramref name="targetPath"/> /// with the inheritable permissions from the directory at the given <paramref name="sourcePath"/>. /// </summary> /// <param name="sourcePath">The path to the directory from which to derive inheritable permissions.</param> /// <param name="targetPath">The path to the file to which to apply the derived permissions.</param> public static void ApplyInheritableFilePermissions(string sourcePath, string targetPath) { string sourceAbsolutePath = GetAbsolutePath(sourcePath); string targetAbsolutePath = GetAbsolutePath(targetPath); DirectorySecurity sourceSecurity = Directory.GetAccessControl(sourceAbsolutePath); FileSecurity targetSecurity = File.GetAccessControl(targetAbsolutePath); IdentityReference targetOwner = targetSecurity.GetOwner(typeof(NTAccount)); IdentityReference targetGroup = targetSecurity.GetGroup(typeof(NTAccount)); targetSecurity = new FileSecurity(); // This prevents permissions modifications by the target file's parents (the target's inherited permissions) targetSecurity.SetAccessRuleProtection(true, false); foreach (FileSystemAccessRule rule in sourceSecurity.GetAccessRules(true, true, typeof(NTAccount))) { // If the inheritance flags indicate that this rule // is not inheritable by subfolders, skip it if (!rule.InheritanceFlags.HasFlag(InheritanceFlags.ObjectInherit)) { continue; } IdentityReference identityReference = rule.IdentityReference; FileSystemRights fileSystemRights = rule.FileSystemRights; AccessControlType accessControlType = rule.AccessControlType; // If the rule is associated with the CREATOR OWNER identity or the CREATOR GROUP identity, // the new rule must instead be associated with the actual owner or group of the target file if (identityReference.Value == "CREATOR OWNER") { identityReference = targetOwner; } else if (identityReference.Value == "CREATOR GROUP") { identityReference = targetGroup; } targetSecurity.AddAccessRule(new FileSystemAccessRule(identityReference, fileSystemRights, accessControlType)); } File.SetAccessControl(targetAbsolutePath, targetSecurity); }
void Init(FileSystemInfo fsi) { Path = fsi.FullName; Name = fsi.Name; CreateTime = fsi.CreationTime; LastModTime = fsi.LastWriteTime; Permissions = GetPermissions(fsi.Attributes); Source = SourceType.Local; try { FileSecurity fs = File.GetAccessControl(fsi.FullName); Owner = fs.GetOwner(typeof(NTAccount)).ToString(); Group = fs.GetGroup(typeof(NTAccount)).ToString(); } catch (Exception ex) { Log.DebugFormat("Unable to get owner/group. dir={0}, err={1}", fsi.FullName, ex.Message); } }
/// <summary> /// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file /// </summary> /// <param name="fileInfo">A reference to a file on disk.</param> /// <param name="downloadCloud"> /// If the file is hosted in the cloud, the user has the option to include cloud files or not. /// </param> /// <param name="includeContentHash">If we should generate a hash of the file.</param> /// <returns></returns> public FileSystemObject FilePathToFileSystemObject(string path) { FileSystemObject obj = new FileSystemObject(path); // Get Owner/Group if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { try { var fileSecurity = new FileSecurity(path, AccessControlSections.Owner); IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier)); obj.Owner = AsaHelpers.SidToName(oid); } catch (Exception e) { Log.Verbose("Failed to get owner for {0} ({1}:{2})", path, e.GetType(), e.Message); } try { var fileSecurity = new FileSecurity(path, AccessControlSections.Group); IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier)); obj.Group = AsaHelpers.SidToName(gid); } catch (Exception e) { Log.Verbose("Failed to get group for {0} ({1}:{2})", path, e.GetType(), e.Message); } try { var fileSecurity = new FileSecurity(path, AccessControlSections.Access); var rules = fileSecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); obj.Permissions = new Dictionary <string, string>(); foreach (FileSystemAccessRule?rule in rules) { if (rule != null) { string name = AsaHelpers.SidToName(rule.IdentityReference); foreach (var permission in rule.FileSystemRights.ToString().Split(',')) { if (obj.Permissions.ContainsKey(name)) { obj.Permissions[name] = $"{obj.Permissions[name]},{permission}"; } else { obj.Permissions.Add(name, permission); } } } } } catch (Exception e) { Log.Verbose("Failed to get FileSecurity for {0} ({1}:{2})", path, e.GetType(), e.Message); } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { try { var file = new UnixSymbolicLinkInfo(path); obj.Owner = file.OwnerUser.UserName; obj.Group = file.OwnerGroup.GroupName; obj.SetGid = file.IsSetGroup; obj.SetUid = file.IsSetUser; obj.Permissions = new Dictionary <string, string>(); if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture)) { obj.Permissions.Add("User", "Read,Write,Execute"); obj.Permissions.Add("Group", "Read,Write,Execute"); obj.Permissions.Add("Other", "Read,Write,Execute"); } else { var keys = new List <string>() { "User", "Group", "Other" }; var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim()); foreach (var key in keys) { foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(key, "Read,Write,Execute"); } else { if (obj.Permissions.ContainsKey(key)) { obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}"; } else { obj.Permissions.Add(key, permission.Trim().Substring(key.Length)); } } } } } } catch (Exception e) when( e is ArgumentNullException || e is ArgumentException || e is InvalidOperationException) { Log.Verbose("Failed to get permissions for {0} ({1}:{2})", path, e.GetType(), e.Message); } } try { FileIOPermission fiop = new FileIOPermission(FileIOPermissionAccess.Read, path); fiop.Demand(); if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { if (Directory.Exists(path)) { var fileInfo = new DirectoryInfo(path); if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint)) { obj.IsLink = true; obj.Target = NativeMethods.GetFinalPathName(path); } else { obj.IsDirectory = true; } } else { var fileInfo = new FileInfo(path); obj.Size = fileInfo.Length; obj.SizeOnDisk = WindowsSizeOnDisk(fileInfo); // This check is to try to prevent reading of cloud based files (like a // dropbox folder) and subsequently causing a download, unless the user // specifically requests it with DownloadCloud. if (opts.DownloadCloud || obj.SizeOnDisk > 0 || WindowsFileSystemUtils.IsLocal(obj.Path)) { obj.LastModified = File.GetLastWriteTimeUtc(path); obj.Created = File.GetCreationTimeUtc(path); if (opts.GatherHashes == true) { obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo); } var exeType = FileSystemUtils.GetExecutableType(path); if (exeType != EXECUTABLE_TYPE.NONE && exeType != EXECUTABLE_TYPE.UNKNOWN) { obj.IsExecutable = true; } if (exeType == EXECUTABLE_TYPE.WINDOWS) { obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path); obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path); } else if (exeType == EXECUTABLE_TYPE.MACOS) { obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path); } } } } else { UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path); obj.FileType = i.FileType.ToString(); obj.Size = i.Length; obj.IsDirectory = false; switch (i.FileType) { case FileTypes.SymbolicLink: obj.IsLink = true; obj.Target = i.ContentsPath; break; case FileTypes.Fifo: case FileTypes.Socket: case FileTypes.BlockDevice: case FileTypes.CharacterDevice: case FileTypes.Directory: obj.IsDirectory = true; if (path?.EndsWith(".app", StringComparison.InvariantCultureIgnoreCase) ?? false) { obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path); } break; case FileTypes.RegularFile: var fileInfo = new FileInfo(path); obj.SizeOnDisk = i.BlocksAllocated * i.BlockSize; if (opts.DownloadCloud || obj.SizeOnDisk > 0) { obj.LastModified = File.GetLastWriteTimeUtc(path); obj.Created = File.GetCreationTimeUtc(path); if (opts.GatherHashes) { obj.ContentHash = FileSystemUtils.GetFileHash(path); } var exeType = FileSystemUtils.GetExecutableType(path); if (exeType != EXECUTABLE_TYPE.NONE && exeType != EXECUTABLE_TYPE.UNKNOWN) { obj.IsExecutable = true; } if (exeType == EXECUTABLE_TYPE.WINDOWS) { obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path); obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path); } else if (exeType == EXECUTABLE_TYPE.MACOS) { obj.MacSignatureStatus = FileSystemUtils.GetMacSignature(path); } } break; } } } catch (Exception e) when( e is ArgumentNullException || e is SecurityException || e is ArgumentException || e is UnauthorizedAccessException || e is PathTooLongException || e is NotSupportedException || e is InvalidOperationException || e is FileNotFoundException || e is Win32Exception || e is IOException) { Log.Verbose("Failed to create FileInfo from File at {0} ({1}:{2})", path, e.GetType(), e.Message); } catch (Exception e) { Log.Debug("Should be caught in DirectoryWalker {0} {1}", e.GetType().ToString(), path); } try { obj.LastModified = File.GetLastWriteTimeUtc(path); obj.Created = File.GetCreationTimeUtc(path); } catch (Exception e) { Log.Verbose("Failed to get last modified for {0} ({1}:{2})", path, e.GetType(), e.Message); } return(obj); }
/// <summary> /// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file /// </summary> /// <param name="fileInfo">A reference to a file on disk.</param> /// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param> /// <param name="INCLUDE_CONTENT_HASH">If we should generate a hash of the file.</param> /// <returns></returns> public static FileSystemObject FileSystemInfoToFileSystemObject(FileSystemInfo fileInfo, bool downloadCloud = false, bool INCLUDE_CONTENT_HASH = false) { if (fileInfo == null) { return(null); } FileSystemObject obj = new FileSystemObject() { Path = fileInfo.FullName, PermissionsString = FileSystemUtils.GetFilePermissions(fileInfo), }; // Get Owner/Group if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { try { var fileSecurity = new FileSecurity(fileInfo.FullName, AccessControlSections.All); IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier)); IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier)); // Set the Owner and Group to the SID, in case we can't properly translate obj.Owner = oid.ToString(); obj.Group = gid.ToString(); try { // Translate owner into the string representation. obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), fileInfo.FullName); } try { // Translate group into the string representation. obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), fileInfo.FullName); } var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); foreach (FileSystemAccessRule rule in rules) { string name = rule.IdentityReference.Value; try { name = rule.IdentityReference.Translate(typeof(NTAccount)).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. } foreach (var permission in rule.FileSystemRights.ToString().Split(',')) { obj.Permissions.Add(new KeyValuePair <string, string>(name, permission)); } } } catch (Exception e) when( e is ArgumentException || e is ArgumentNullException || e is DirectoryNotFoundException || e is FileNotFoundException || e is IOException || e is NotSupportedException || e is PlatformNotSupportedException || e is PathTooLongException || e is PrivilegeNotHeldException || e is SystemException || e is UnauthorizedAccessException) { Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}"); } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { try { var file = new UnixFileInfo(fileInfo.FullName); obj.Owner = file.OwnerUser.UserName; obj.Group = file.OwnerGroup.GroupName; obj.SetGid = file.IsSetGroup; obj.SetUid = file.IsSetUser; if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture)) { obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute")); } else { foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("User", StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("User", permission.Trim().Substring(4))); } } foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Group", StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("Group", permission.Trim().Substring(5))); } } foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Other", StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("Other", permission.Trim().Substring(5))); } } } } catch (Exception e) when( e is ArgumentNullException || e is ArgumentException) { Log.Verbose($"Failed to get permissions for {fileInfo.FullName} {e.GetType().ToString()}"); } } if (fileInfo is DirectoryInfo) { obj.IsDirectory = true; } else if (fileInfo is FileInfo) { obj.Size = (ulong)(fileInfo as FileInfo).Length; obj.IsDirectory = false; if (INCLUDE_CONTENT_HASH) { obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo); } // Set IsExecutable and Signature Status if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud) { if (WindowsFileSystemUtils.NeedsSignature(obj.Path)) { obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(fileInfo.FullName); obj.Characteristics.AddRange(WindowsFileSystemUtils.GetDllCharacteristics(fileInfo.FullName)); obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path); } } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path); } } return(obj); }
private void DumpAccessControls(FileInfo info) { try { IdentityReference idref = null; FileSecurity fileSecurity = null; // Get a FileSecurity object that represents the // current security settings. fileSecurity = info.GetAccessControl(); // Try to get the NTAccount identity reference try { // Available arguments for the GetGroup method are: // typeof(System.Security.Principal.NTAccount) // typeof(System.Security.Principal.SecurityIdentifier) idref = fileSecurity.GetGroup(typeof(System.Security.Principal.NTAccount)); System.Console.WriteLine(idref.ToString()); } catch (Exception ex) { System.Console.Error.WriteLine(ex.Message); } // If the NTAccount identity reference couldn't be retrieved try to get // the SecurityIdentifier identity reference if (null == idref) { try { // Available arguments for the GetGroup method are: // typeof(System.Security.Principal.NTAccount) // typeof(System.Security.Principal.SecurityIdentifier) idref = fileSecurity.GetGroup(typeof(System.Security.Principal.SecurityIdentifier)); System.Console.WriteLine(idref.ToString()); } catch (Exception ex) { System.Console.Error.WriteLine(ex.Message); } } } catch (NotImplementedException nex) { // The Access controls can't be read on this runtime (probably Mono) // Log it and move on. string stackTrace = nex.StackTrace; Match feature = Regex.Match(stackTrace, @"at ([^\[]+)\[0x"); Match location = Regex.Match(stackTrace, @"\] in (.*)$"); if (feature.Success && location.Success) { string featureName = feature.Groups[1].ToString().Trim(); string featureLocation = location.Groups[1].ToString().Trim(); System.Console.Error.WriteLine("{0}: '{1}' at {2}", nex.Message, featureName, featureLocation); } else { System.Console.Error.WriteLine("Feature not implemented: {0}", stackTrace); } } }
/// <summary> /// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file /// </summary> /// <param name="fileInfo">A reference to a file on disk.</param> /// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param> /// <param name="includeContentHash">If we should generate a hash of the file.</param> /// <returns></returns> public static FileSystemObject FilePathToFileSystemObject(string path, bool downloadCloud = false, bool includeContentHash = false) { if (path == null) { return(null); } FileSystemObject obj = new FileSystemObject() { Path = path, }; // Get Owner/Group if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { try { var fileSecurity = new FileSecurity(path, AccessControlSections.All); IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier)); IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier)); // Set the Owner and Group to the SID, in case we can't properly translate obj.Owner = oid.ToString(); obj.Group = gid.ToString(); try { // Translate owner into the string representation. obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), path); } try { // Translate group into the string representation. obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), path); } var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); foreach (FileSystemAccessRule rule in rules) { string name = rule.IdentityReference.Value; try { name = rule.IdentityReference.Translate(typeof(NTAccount)).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. } foreach (var permission in rule.FileSystemRights.ToString().Split(',')) { if (obj.Permissions.ContainsKey(name)) { obj.Permissions[name] = $"{obj.Permissions[name]},{permission}"; } else { obj.Permissions.Add(name, permission); } } } } catch (Exception e) when( e is ArgumentException || e is ArgumentNullException || e is DirectoryNotFoundException || e is FileNotFoundException || e is IOException || e is NotSupportedException || e is PlatformNotSupportedException || e is PathTooLongException || e is PrivilegeNotHeldException || e is SystemException || e is UnauthorizedAccessException) { Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}"); } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { try { var file = new UnixSymbolicLinkInfo(path); obj.Owner = file.OwnerUser.UserName; obj.Group = file.OwnerGroup.GroupName; obj.SetGid = file.IsSetGroup; obj.SetUid = file.IsSetUser; if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture)) { obj.Permissions.Add("User", "Read,Write,Execute"); obj.Permissions.Add("Group", "Read,Write,Execute"); obj.Permissions.Add("Other", "Read,Write,Execute"); } else { var keys = new List <string>() { "User", "Group", "Other" }; var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim()); foreach (var key in keys) { foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(key, "Read,Write,Execute"); } else { if (obj.Permissions.ContainsKey(key)) { obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}"; } else { obj.Permissions.Add(key, permission.Trim().Substring(key.Length)); } } } } } } catch (Exception e) when( e is ArgumentNullException || e is ArgumentException || e is InvalidOperationException) { Log.Debug($"Failed to get permissions for {path} {e.GetType().ToString()}"); } } try { if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { if (Directory.Exists(path)) { var fileInfo = new DirectoryInfo(path); if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint)) { obj.IsLink = true; obj.Target = NativeMethods.GetFinalPathName(path); } else { obj.IsDirectory = true; } } else { var fileInfo = new FileInfo(path); obj.Size = (ulong)fileInfo.Length; if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud) { if (includeContentHash) { obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo); } obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size); if (obj.IsExecutable) { obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path); obj.Characteristics.AddRange(WindowsFileSystemUtils.GetDllCharacteristics(path)); } } } } else { UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path); obj.FileType = i.FileType.ToString(); obj.Size = (ulong)i.Length; obj.IsDirectory = false; switch (i.FileType) { case FileTypes.SymbolicLink: obj.IsLink = true; obj.Target = i.ContentsPath; break; case FileTypes.Fifo: case FileTypes.Socket: case FileTypes.BlockDevice: case FileTypes.CharacterDevice: case FileTypes.Directory: obj.IsDirectory = true; break; case FileTypes.RegularFile: if (includeContentHash) { obj.ContentHash = FileSystemUtils.GetFileHash(path); } obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size); break; } } } catch (Exception e) when( e is ArgumentNullException || e is SecurityException || e is ArgumentException || e is UnauthorizedAccessException || e is PathTooLongException || e is NotSupportedException || e is InvalidOperationException) { Log.Verbose("Failed to create FileInfo from File at {0} {1}", path, e.GetType().ToString()); } catch (Exception e) { Log.Debug("Should be caught in DirectoryWalker {0}", e.GetType().ToString()); } return(obj); }
private void internal_fill(string file_name) { textBoxAcl.Clear(); textBoxSddl.Clear(); AuthorizationRuleCollection dacls = null; AuthorizationRuleCollection sacls = null; FileSecurity f_sec = null; try { f_sec = File.GetAccessControl(file_name); try { dacls = f_sec.GetAccessRules(true, true, typeof(NTAccount)); } catch (Exception ex) { textBoxAcl.AppendText(ex.Message); textBoxAcl.AppendText("\r\n"); } try { sacls = f_sec.GetAuditRules(true, true, typeof(NTAccount)); } catch (Exception ex) { textBoxAcl.AppendText(ex.Message); textBoxAcl.AppendText("\r\n"); } StringBuilder sb = new StringBuilder(); sb.Append("Owner\r\n"); sb.Append("=====\r\n"); try { sb.Append(f_sec.GetOwner(typeof(NTAccount)).Value); } catch (Exception ex) { sb.Append(ex.Message); } sb.Append("\r\n\r\n"); sb.Append("Primary group\r\n"); sb.Append("=============\r\n"); try { sb.Append(f_sec.GetGroup(typeof(NTAccount)).Value); } catch (Exception ex) { sb.Append(ex.Message); } sb.Append("\r\n\r\n"); sb.Append("Access rules\r\n"); sb.Append("============\r\n"); sb.Append(string.Format("Inherit disable: {0}\r\n\r\n", f_sec.AreAccessRulesProtected)); if (dacls != null) { foreach (FileSystemAccessRule rule in dacls) { sb.Append(string.Format("Identity: {0}\r\n", rule.IdentityReference.Value)); sb.Append(string.Format("Access type: {0}\r\n", rule.AccessControlType.ToString())); sb.Append(string.Format("Rights: {0}\r\n", rule.FileSystemRights.ToString())); sb.Append(string.Format("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString())); sb.Append(string.Format("Inherited: {0}\r\n", rule.IsInherited)); sb.Append(string.Format("Propagation: {0}\r\n", rule.PropagationFlags.ToString())); sb.Append("\r\n"); } } sb.Append("Audit rules\r\n"); sb.Append("===========\r\n"); sb.Append(string.Format("Inherit disable: {0}\r\n\r\n", f_sec.AreAuditRulesProtected)); if (sacls != null) { foreach (FileSystemAuditRule rule in sacls) { sb.Append(string.Format("Identity: {0}\r\n", rule.IdentityReference.Value)); sb.Append(string.Format("Audit type: {0}\r\n", rule.AuditFlags.ToString())); sb.Append(string.Format("Rights: {0}\r\n", rule.FileSystemRights.ToString())); sb.Append(string.Format("Inheritance: {0}\r\n", rule.InheritanceFlags.ToString())); sb.Append(string.Format("Inherited: {0}\r\n", rule.IsInherited)); sb.Append(string.Format("Propagation: {0}\r\n", rule.PropagationFlags.ToString())); sb.Append("\r\n"); } } textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size); textBoxSddl.Font = textBoxAcl.Font; textBoxAcl.Text = sb.ToString(); textBoxSddl.Text = f_sec.GetSecurityDescriptorSddlForm(AccessControlSections.All); } catch (Exception ex) { textBoxAcl.Font = new Font(FontFamily.GenericMonospace, textBoxAcl.Font.Size); textBoxSddl.Font = textBoxAcl.Font; textBoxAcl.Text = string.Format("Cannot get security descriptor. {0}", ex.Message); } }
/// <summary> /// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file /// </summary> /// <param name="fileInfo">A reference to a file on disk.</param> /// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param> /// <param name="includeContentHash">If we should generate a hash of the file.</param> /// <returns></returns> public static FileSystemObject FilePathToFileSystemObject(string path, bool downloadCloud = false, bool includeContentHash = false) { FileSystemObject obj = new FileSystemObject(path); // Get Owner/Group if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { try { var fileSecurity = new FileSecurity(path, AccessControlSections.All); IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier)); IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier)); obj.Owner = AsaHelpers.SidToName(oid); obj.Group = AsaHelpers.SidToName(gid); var rules = fileSecurity.GetAccessRules(true, true, typeof(SecurityIdentifier)); foreach (FileSystemAccessRule?rule in rules) { if (rule != null) { string name = AsaHelpers.SidToName(rule.IdentityReference); obj.Permissions = new Dictionary <string, string>(); foreach (var permission in rule.FileSystemRights.ToString().Split(',')) { if (obj.Permissions.ContainsKey(name)) { obj.Permissions[name] = $"{obj.Permissions[name]},{permission}"; } else { obj.Permissions.Add(name, permission); } } } } } catch (Exception e) when( e is ArgumentException || e is ArgumentNullException || e is DirectoryNotFoundException || e is FileNotFoundException || e is IOException || e is NotSupportedException || e is PlatformNotSupportedException || e is PathTooLongException || e is PrivilegeNotHeldException || e is SystemException || e is UnauthorizedAccessException) { Log.Verbose($"Error instantiating FileSecurity object {obj.Path} {e.GetType().ToString()}"); } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { try { var file = new UnixSymbolicLinkInfo(path); obj.Owner = file.OwnerUser.UserName; obj.Group = file.OwnerGroup.GroupName; obj.SetGid = file.IsSetGroup; obj.SetUid = file.IsSetUser; obj.Permissions = new Dictionary <string, string>(); if (file.FileAccessPermissions.ToString().Equals("AllPermissions", StringComparison.InvariantCulture)) { obj.Permissions.Add("User", "Read,Write,Execute"); obj.Permissions.Add("Group", "Read,Write,Execute"); obj.Permissions.Add("Other", "Read,Write,Execute"); } else { var keys = new List <string>() { "User", "Group", "Other" }; var splits = file.FileAccessPermissions.ToString().Split(',').Select(x => x.Trim()); foreach (var key in keys) { foreach (var permission in splits.Where((x) => x.StartsWith(key, StringComparison.InvariantCulture))) { if (permission.Contains("ReadWriteExecute", StringComparison.InvariantCulture)) { obj.Permissions.Add(key, "Read,Write,Execute"); } else { if (obj.Permissions.ContainsKey(key)) { obj.Permissions[key] = $"{obj.Permissions[key]},{permission.Trim().Substring(key.Length)}"; } else { obj.Permissions.Add(key, permission.Trim().Substring(key.Length)); } } } } } } catch (Exception e) when( e is ArgumentNullException || e is ArgumentException || e is InvalidOperationException) { Log.Debug($"Failed to get permissions for {path} {e.GetType().ToString()}"); } } try { if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { if (Directory.Exists(path)) { var fileInfo = new DirectoryInfo(path); if (fileInfo.Attributes.HasFlag(FileAttributes.ReparsePoint)) { obj.IsLink = true; obj.Target = NativeMethods.GetFinalPathName(path); } else { obj.IsDirectory = true; } } else { var fileInfo = new FileInfo(path); var size = (ulong)fileInfo.Length; obj.Size = size; if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud) { if (includeContentHash) { obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo); } obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, size); if (obj.IsExecutable != null && (bool)obj.IsExecutable) { // TODO: This can be optimized into fewer touches, GetSignatureStatus also runs IsExecutable checks against the first 4 bytes obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(path); obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(path); } } } } else { UnixSymbolicLinkInfo i = new UnixSymbolicLinkInfo(path); obj.FileType = i.FileType.ToString(); obj.Size = (ulong)i.Length; obj.IsDirectory = false; switch (i.FileType) { case FileTypes.SymbolicLink: obj.IsLink = true; obj.Target = i.ContentsPath; break; case FileTypes.Fifo: case FileTypes.Socket: case FileTypes.BlockDevice: case FileTypes.CharacterDevice: case FileTypes.Directory: obj.IsDirectory = true; break; case FileTypes.RegularFile: if (i.HasContents) { if (includeContentHash) { obj.ContentHash = FileSystemUtils.GetFileHash(path); } obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path, obj.Size); } break; } } } catch (Exception e) when( e is ArgumentNullException || e is SecurityException || e is ArgumentException || e is UnauthorizedAccessException || e is PathTooLongException || e is NotSupportedException || e is InvalidOperationException) { Log.Verbose("Failed to create FileInfo from File at {0} {1}", path, e.GetType().ToString()); } catch (Exception e) { Log.Debug("Should be caught in DirectoryWalker {0}", e.GetType().ToString()); } try { obj.LastModified = File.GetLastWriteTimeUtc(path); obj.Created = File.GetCreationTimeUtc(path); } catch (Exception) { } return(obj); }
/// <summary> /// Converts a FileSystemInfo into a FileSystemObject by reading in data about the file /// </summary> /// <param name="fileInfo">A reference to a file on disk.</param> /// <param name="downloadCloud">If the file is hosted in the cloud, the user has the option to include cloud files or not.</param> /// <param name="INCLUDE_CONTENT_HASH">If we should generate a hash of the file.</param> /// <returns></returns> public static FileSystemObject FileSystemInfoToFileSystemObject(FileSystemInfo fileInfo, bool downloadCloud = false, bool INCLUDE_CONTENT_HASH = false) { FileSystemObject obj = new FileSystemObject() { Path = fileInfo.FullName, PermissionsString = FileSystemUtils.GetFilePermissions(fileInfo), }; try { // Get Owner/Group if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { var fileSecurity = new FileSecurity(fileInfo.FullName, AccessControlSections.All); IdentityReference oid = fileSecurity.GetOwner(typeof(SecurityIdentifier)); IdentityReference gid = fileSecurity.GetGroup(typeof(SecurityIdentifier)); // Set the Owner and Group to the SID, in case we can't properly translate obj.Owner = oid.ToString(); obj.Group = gid.ToString(); try { // Translate owner into the string representation. obj.Owner = (oid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { Log.Verbose("Couldn't find the Owner from SID {0} for file {1}", oid.ToString(), fileInfo.FullName); } try { // Translate group into the string representation. obj.Group = (gid.Translate(typeof(NTAccount)) as NTAccount).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. Log.Verbose("Couldn't find the Group from SID {0} for file {1}", gid.ToString(), fileInfo.FullName); } obj.Permissions = new List <KeyValuePair <string, string> >(); var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)); foreach (FileSystemAccessRule rule in rules) { string name = rule.IdentityReference.Value; try { name = rule.IdentityReference.Translate(typeof(NTAccount)).Value; } catch (IdentityNotMappedException) { // This is fine. Some SIDs don't map to NT Accounts. } foreach (var permission in rule.FileSystemRights.ToString().Split(',')) { obj.Permissions.Add(new KeyValuePair <string, string>(name, permission)); } } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { var file = new UnixFileInfo(fileInfo.FullName); obj.Owner = file.OwnerUser.UserName; obj.Group = file.OwnerGroup.GroupName; obj.SetGid = file.IsSetGroup; obj.SetUid = file.IsSetUser; obj.Permissions = new List <KeyValuePair <string, string> >(); if (file.FileAccessPermissions.ToString().Equals("AllPermissions")) { obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute")); } else { foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("User"))) { if (permission.Contains("ReadWriteExecute")) { obj.Permissions.Add(new KeyValuePair <string, string>("User", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("User", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("User", permission.Trim().Substring(4))); } } foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Group"))) { if (permission.Contains("ReadWriteExecute")) { obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Group", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("Group", permission.Trim().Substring(5))); } } foreach (var permission in file.FileAccessPermissions.ToString().Split(',').Where((x) => x.Trim().StartsWith("Other"))) { if (permission.Contains("ReadWriteExecute")) { obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Read")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Write")); obj.Permissions.Add(new KeyValuePair <string, string>("Other", "Execute")); } else { obj.Permissions.Add(new KeyValuePair <string, string>("Other", permission.Trim().Substring(5))); } } } } if (fileInfo is DirectoryInfo) { obj.IsDirectory = true; } else if (fileInfo is FileInfo) { obj.Size = (ulong)(fileInfo as FileInfo).Length; obj.IsDirectory = false; if (INCLUDE_CONTENT_HASH) { obj.ContentHash = FileSystemUtils.GetFileHash(fileInfo); } // Set IsExecutable and Signature Status if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { if (WindowsFileSystemUtils.IsLocal(obj.Path) || downloadCloud) { try { if (WindowsFileSystemUtils.NeedsSignature(obj.Path)) { obj.SignatureStatus = WindowsFileSystemUtils.GetSignatureStatus(fileInfo.FullName); obj.Characteristics = WindowsFileSystemUtils.GetDllCharacteristics(fileInfo.FullName); obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path); } } catch (System.UnauthorizedAccessException ex) { Log.Verbose(ex, "Couldn't access {0} to check if signature is needed.", fileInfo.FullName); } } } else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux) || RuntimeInformation.IsOSPlatform(OSPlatform.OSX)) { obj.IsExecutable = FileSystemUtils.IsExecutable(obj.Path); } } } catch (System.UnauthorizedAccessException e) { Log.Verbose(e, "Access Denied {0}", fileInfo?.FullName); } catch (System.IO.IOException e) { Log.Verbose(e, "Couldn't parse {0}", fileInfo?.FullName); } catch (Exception e) { Log.Warning(e, "Error collecting file system information: {0}", e.Message); } return(obj); }