/// <summary>
/// Convert the security attribute to an SDDL string.
/// </summary>
/// <returns>The security attribute as an SDDL string.</returns>
public string ToSddl()
{
SecurityDescriptor sd = new SecurityDescriptor {
Sacl = new Acl {
NullAcl = false
}
};
sd.Sacl.Add(new Ace(AceType.ResourceAttribute, AceFlags.None, 0, KnownSids.World)
{
ResourceAttribute = this
});
string sddl = sd.ToSddl(SecurityInformation.Attribute);
var matches = ResourceAttributeRegex.Match(sddl);
if (!matches.Success || matches.Groups.Count != 2)
{
throw new ArgumentException("Invalid resource attribute data.");
}
return(matches.Groups[1].Value);
}
/// <summary>
/// Converts conditional ACE data to an SDDL string
/// </summary>
/// <param name="conditional_data">The conditional application data.</param>
/// <returns>The conditional ACE string.</returns>
public static string ConditionalAceToString(byte[] conditional_data)
{
SecurityDescriptor sd = new SecurityDescriptor
{
Dacl = new Acl
{
NullAcl = false
}
};
sd.Dacl.Add(new Ace(AceType.AllowedCallback, AceFlags.None, 0, KnownSids.World)
{
ApplicationData = conditional_data
});
var matches = ConditionalAceRegex.Match(sd.ToSddl());
if (!matches.Success || matches.Groups.Count != 2)
{
throw new ArgumentException("Invalid condition data");
}
return(matches.Groups[1].Value);
}
/// <summary> /// Get the security descriptor as an SDDL string /// </summary> /// <returns>The security descriptor as an SDDL string</returns> public string GetSddl() => SecurityDescriptor.ToSddl();
/// <summary>
/// Get the security descriptor as an SDDL string
/// </summary>
/// <returns>The security descriptor as an SDDL string</returns>
public string GetSddl()
{
return(SecurityDescriptor.ToSddl());
}