private static void AllowFileAccess(AppContainerProfile container, string folder, FileAccessRights accessRights) { var securityInfo = Win32Security.GetSecurityInfo( folder, SeObjectType.File, SecurityInformation.Dacl); var existingAce = securityInfo.Dacl.FirstOrDefault(d => d.Sid == container.Sid); if (existingAce is not null && existingAce.Type == AceType.Allowed && existingAce.Mask == accessRights && existingAce.Flags == (AceFlags.ContainerInherit | AceFlags.ObjectInherit)) { // Ace already exists. return; } var ace = new Ace( AceType.Allowed, AceFlags.ContainerInherit | AceFlags.ObjectInherit, accessRights, container.Sid); securityInfo.AddAce(ace); Win32Security.SetSecurityInfo( folder, SeObjectType.File, SecurityInformation.Dacl, securityInfo, true); }
private void SetNamedSecurityInfo() { bool do_callback = ShowProgress || PassThru; if (Type == SeObjectType.Service) { SecurityInformation &= SecurityInformation.Owner | SecurityInformation.Group | SecurityInformation.Dacl | SecurityInformation.Label | SecurityInformation.Sacl; } string path = Name; if (Type == SeObjectType.File) { path = PSUtils.ResolveWin32Path(SessionState, path, false); } if (do_callback || Action != TreeSecInfo.Set) { TreeProgressFunction fn = ProgressFunction; NtStatus status = Win32Security.SetSecurityInfo(path, Type, SecurityInformation, SecurityDescriptor, Action, do_callback ? fn : null, ShowProgress ? ProgressInvokeSetting.PrePostError : ProgressInvokeSetting.EveryObject, !PassThru); if (!PassThru) { status.ToNtException(); } } else { Win32Security.SetSecurityInfo(path, Type, SecurityInformation, SecurityDescriptor); } }
/// <summary> /// Process Record. /// </summary> protected override void ProcessRecord() { switch (ParameterSetName) { case "FromName": SetNamedSecurityInfo(); break; case "FromObject": Win32Security.SetSecurityInfo(Object, Type, SecurityInformation, SecurityDescriptor); break; case "FromHandle": Win32Security.SetSecurityInfo(Handle, Type, SecurityInformation, SecurityDescriptor); break; } }
private void SetNamedSecurityInfo() { bool do_callback = ShowProgress || PassThru; if (do_callback || Action != TreeSecInfo.Set) { TreeProgressFunction fn = ProgressFunction; NtStatus status = Win32Security.SetSecurityInfo(Name, Type, SecurityInformation, SecurityDescriptor, Action, do_callback ? fn : null, ShowProgress ? ProgressInvokeSetting.PrePostError : ProgressInvokeSetting.EveryObject, !PassThru); if (!PassThru) { status.ToNtException(); } } else { Win32Security.SetSecurityInfo(Name, Type, SecurityInformation, SecurityDescriptor); } }