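/// <summary>
/// Opens <paramref name="name"/> as a stream. Virtual-file-system paths are delegated to
/// <c>VirtualFileSystem.Open</c>; <see cref="FileMode.Append"/> requests are opened with only
/// <see cref="FileSystemRights.AppendData"/> and an explicit security descriptor; every other
/// mode goes through a plain <see cref="FileStream"/>.
/// </summary>
/// <param name="name">Path of the file to open.</param>
/// <param name="fileMode">Requested open mode.</param>
/// <param name="fileAccess">Requested access; not used on the append path, which always asks for AppendData.</param>
/// <returns>The opened stream.</returns>
public static Stream open(string name, FileMode fileMode, FileAccess fileAccess)
{
    if (VirtualFileSystem.IsVirtualFS(name))
    {
        return VirtualFileSystem.Open(name, fileMode, fileAccess);
    }

    if (fileMode != FileMode.Append)
    {
        // Buffer size 1 — presumably chosen to keep FileStream from buffering; confirm.
        return new FileStream(name, fileMode, fileAccess, FileShare.ReadWrite, 1, false);
    }

    // NOTE(review): the existence check and the create below are separate steps, so the
    // branch chosen here may not match the file's state at the moment it is opened.
    System.Security.AccessControl.FileSecurity security;
    if (System.IO.File.Exists(name))
    {
        // Existing file: reuse the descriptor it already carries.
        security = new FileInfo(name).GetAccessControl();
    }
    else
    {
        string parentPath = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(name));
        System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(parentPath);

        // Read the parent's rules as SIDs. Asking for NTAccount forces a SID-to-name lookup
        // for every entry and throws IdentityNotMappedException as soon as one SID cannot
        // be resolved (deleted account, unreachable domain); the SID is what ends up in the
        // ACL either way.
        var parentRules = directory.GetAccessControl().GetAccessRules(
            true, true, typeof(System.Security.Principal.SecurityIdentifier));

        // NOTE(review): each parent rule (explicit and inherited) is re-created as an
        // explicit rule on the file without its inheritance/propagation flags, so a rule
        // the directory scopes to subfolders or marks inherit-only would apply to the file
        // directly. Inheritance also stays enabled below. Confirm that this is intended.
        security = new System.Security.AccessControl.FileSecurity();
        foreach (object ruleObject in parentRules)
        {
            var rule = ruleObject as FileSystemAccessRule;
            if (rule == null)
            {
                // Not a file-system rule: nothing to copy (previously a NullReferenceException).
                continue;
            }

            security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
        }

        // isProtected = false: the new file keeps inheriting from its parent.
        security.SetAccessRuleProtection(false, false);
    }

    return FileSystemAclExtensions.Create(new FileInfo(name), FileMode.Append, FileSystemRights.AppendData, FileShare.ReadWrite, 1, FileOptions.None, security);
}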
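/// <summary>
/// Creates or opens <paramref name="path"/> through <c>FileSystemAclExtensions.Create</c>,
/// passing an explicit security descriptor: the file's own descriptor when it already
/// exists, otherwise one assembled from the access rules of the parent directory.
/// Returns <c>null</c> when compiled with <c>FIRST_PASS</c> defined.
/// </summary>
/// <param name="path">Path of the file to create or open.</param>
/// <param name="fileMode">Open mode handed to the create call.</param>
/// <param name="fileSystemRights">Rights requested on the resulting handle.</param>
/// <param name="fileShare">Sharing mode for the handle.</param>
/// <param name="bufferSize">Stream buffer size.</param>
/// <param name="fileOptions">Additional file options.</param>
/// <returns>The opened <see cref="FileStream"/>.</returns>
public static FileStream createFile0(string path, FileMode fileMode, FileSystemRights fileSystemRights, FileShare fileShare, int bufferSize, FileOptions fileOptions)
{
#if !FIRST_PASS
    // NOTE(review): the existence check and the create below are separate steps, so the
    // branch chosen here may not match the file's state at the moment it is opened.
    System.Security.AccessControl.FileSecurity security = null;
    if (System.IO.File.Exists(path))
    {
        // If the file already exists, we simply retrieve the current security object and use that.
        System.IO.FileInfo file = new FileInfo(path);
        security = file.GetAccessControl();
    }
    else
    {
        // If the file does not exist, the descriptor is built from the parent directory.
        // NOTE(review): the three stderr lines below look like leftover diagnostics; they
        // disclose the requested path and its parent on every create of a new file.
        Console.Error.WriteLine($"Getting for directory: {path}");
        string parentPath = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(path));
        Console.Error.WriteLine($"Parent is: {parentPath}");
        System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(parentPath);
        Console.Error.WriteLine($"Getting security for: {parentPath}");

        // Read the parent's rules as SIDs. Asking for NTAccount forces a SID-to-name lookup
        // for every entry and throws IdentityNotMappedException as soon as one SID cannot
        // be resolved (deleted account, unreachable domain); the SID is what ends up in the
        // ACL either way.
        var parentRules = directory.GetAccessControl().GetAccessRules(
            true, true, typeof(System.Security.Principal.SecurityIdentifier));

        // NOTE(review): each parent rule (explicit and inherited) is re-created as an
        // explicit rule on the file without its inheritance/propagation flags, so a rule
        // the directory scopes to subfolders or marks inherit-only would apply to the file
        // directly. Inheritance also stays enabled below. Confirm that this is intended.
        security = new System.Security.AccessControl.FileSecurity();
        foreach (object ruleObject in parentRules)
        {
            var rule = ruleObject as FileSystemAccessRule;
            if (rule == null)
            {
                // Not a file-system rule: nothing to copy (previously a NullReferenceException).
                continue;
            }

            security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
        }

        // isProtected = false: the new file keeps inheriting from its parent.
        security.SetAccessRuleProtection(false, false);
    }

    return FileSystemAclExtensions.Create(new FileInfo(path), fileMode, fileSystemRights, fileShare, bufferSize, fileOptions, security);
#else
    return null;
#endif
}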
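/// <summary>
/// Opens <paramref name="name"/> in <see cref="FileMode.Append"/> requesting only
/// <see cref="FileSystemRights.AppendData"/>, with an explicit security descriptor: the
/// file's own descriptor when it already exists, otherwise one assembled from the access
/// rules of the parent directory. Returns <c>null</c> when compiled with <c>FIRST_PASS</c> defined.
/// </summary>
/// <param name="name">Path of the file to append to.</param>
/// <returns>The opened <see cref="FileStream"/>.</returns>
public static FileStream openStreamForAtomicAppend(string name)
{
#if !FIRST_PASS
    // NOTE(review): the existence check and the create below are separate steps, so the
    // branch chosen here may not match the file's state at the moment it is opened.
    System.Security.AccessControl.FileSecurity security;
    if (System.IO.File.Exists(name))
    {
        // Existing file: reuse the descriptor it already carries.
        security = new FileInfo(name).GetAccessControl();
    }
    else
    {
        string parentPath = System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(name));
        System.IO.DirectoryInfo directory = new System.IO.DirectoryInfo(parentPath);

        // Read the parent's rules as SIDs. Asking for NTAccount forces a SID-to-name lookup
        // for every entry and throws IdentityNotMappedException as soon as one SID cannot
        // be resolved (deleted account, unreachable domain); the SID is what ends up in the
        // ACL either way.
        var parentRules = directory.GetAccessControl().GetAccessRules(
            true, true, typeof(System.Security.Principal.SecurityIdentifier));

        // NOTE(review): each parent rule (explicit and inherited) is re-created as an
        // explicit rule on the file without its inheritance/propagation flags, so a rule
        // the directory scopes to subfolders or marks inherit-only would apply to the file
        // directly. Inheritance also stays enabled below. Confirm that this is intended.
        security = new System.Security.AccessControl.FileSecurity();
        foreach (object ruleObject in parentRules)
        {
            var rule = ruleObject as FileSystemAccessRule;
            if (rule == null)
            {
                // Not a file-system rule: nothing to copy (previously a NullReferenceException).
                continue;
            }

            security.AddAccessRule(new FileSystemAccessRule(rule.IdentityReference, rule.FileSystemRights, rule.AccessControlType));
        }

        // isProtected = false: the new file keeps inheriting from its parent.
        security.SetAccessRuleProtection(false, false);
    }

    // Buffer size 1 — presumably so each write reaches the file unbuffered; confirm.
    return FileSystemAclExtensions.Create(new FileInfo(name), FileMode.Append, FileSystemRights.AppendData, FileShare.ReadWrite, 1, FileOptions.None, security);
#else
    return null;
#endif
}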
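/// <summary>
/// Creates a new, randomly named file inside <paramref name="path"/> whose ACL is protected
/// from inheritance and grants full control to the current Windows user only, who is also
/// set as owner. The file is opened with <see cref="FileMode.CreateNew"/> and
/// <see cref="FileShare.None"/>.
/// </summary>
/// <param name="path">Directory in which the file is created.</param>
/// <param name="bufferSize">Stream buffer size; must be positive.</param>
/// <param name="options">File options; only the flags checked below are accepted.</param>
/// <returns>An exclusive stream over the newly created file.</returns>
/// <exception cref="ArgumentNullException"><paramref name="path"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="bufferSize"/> is not positive, or <paramref name="options"/> contains an unknown flag.
/// </exception>
/// <exception cref="IOException">Creation failed on all three attempts.</exception>
public static FileStream GetSecureFileStream(string path, int bufferSize, FileOptions options)
{
    if (path == null)
        throw new ArgumentNullException("path");
    if (bufferSize <= 0)
        throw new ArgumentOutOfRangeException("bufferSize");
    if ((options & ~(FileOptions.Asynchronous | FileOptions.DeleteOnClose | FileOptions.Encrypted | FileOptions.RandomAccess | FileOptions.SequentialScan | FileOptions.WriteThrough)) != FileOptions.None)
        throw new ArgumentOutOfRangeException("options");

    new FileIOPermission(FileIOPermissionAccess.Write, path).Demand();

    // WindowsIdentity wraps a token handle; release it as soon as the SID has been read
    // (the original never disposed it). The SecurityIdentifier stays valid afterwards.
    SecurityIdentifier user;
    using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
    {
        user = identity.User;
    }

    FileSecurity fileSecurity = new FileSecurity();
    fileSecurity.AddAccessRule(new FileSystemAccessRule(user, FileSystemRights.FullControl, AccessControlType.Allow));
    // isProtected = true, preserveInheritance = false: no rule is inherited from the
    // directory, so the single allow rule above is the only entry on the file.
    fileSecurity.SetAccessRuleProtection(true, false);
    fileSecurity.SetOwner(user);

    // Attempt to create a unique file three times before giving up.
    // It is highly improbable that there will ever be a name clash,
    // therefore we do not check to see if the file first exists.
    // CreateNew makes the open fail instead of reusing a file that is already there.
    for (int attempt = 0; attempt < 3; attempt++)
    {
        try
        {
            return new FileStream(Path.Combine(path, Path.GetRandomFileName()),
                                  FileMode.CreateNew, FileSystemRights.FullControl,
                                  FileShare.None, bufferSize, options, fileSecurity);
        }
        catch (IOException)
        {
            // Any IOException is retried, not only a name clash; the last one propagates.
            if (attempt == 2)
                throw;
        }
    }

    // This code can never be reached.
    // The compiler thinks otherwise.
    throw new IOException();
}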
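/// <summary>
/// Builds a <see cref="FileSecurity"/> that is protected from inheritance and holds a single
/// allow rule for the current Windows user.
/// </summary>
/// <returns>The security descriptor; it is not applied to any file here.</returns>
private static FileSecurity GetSecuritySettings()
{
    // WindowsIdentity wraps a token handle; release it once the account name has been
    // read (the original never disposed it).
    string currentUserName;
    using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
    {
        currentUserName = identity.Name;
    }

    FileSecurity security = new FileSecurity();
    // isProtected = true, preserveInheritance = false: inherited rules are dropped.
    security.SetAccessRuleProtection(true, false);

    // NOTE(review): the rule is keyed on the account name, which has to be translated back
    // to a SID when the descriptor is used; the identity's SID could be passed directly.
    // NOTE(review): -1 sets every bit of the access mask (labelled "Full control" by the
    // original author). FileSystemRights.FullControl is a narrower named value; confirm
    // that all bits are intended.
    security.AddAccessRule(
        (FileSystemAccessRule)security.AccessRuleFactory(
            new NTAccount(currentUserName),
            // Full control
            -1,
            false,
            InheritanceFlags.None,
            PropagationFlags.None,
            AccessControlType.Allow));

    return security;
}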
/// <summary>
/// Applies to the file at <paramref name="path"/> a descriptor that is protected from
/// inheritance and contains one rule: full control for the built-in Administrators group.
/// Despite the name, access is restricted <em>to</em> administrators, not taken from them.
/// </summary>
/// <param name="path">Path of the file whose access control is set.</param>
private void RestrictAdminAccess(string path)
{
    // Well-known SID, so no account-name lookup is involved.
    var administrators = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);

    var adminsOnly = new FileSecurity();
    // isProtected = true, preserveInheritance = false: inherited rules are not kept.
    adminsOnly.SetAccessRuleProtection(true, false);
    adminsOnly.AddAccessRule(
        new FileSystemAccessRule(administrators, FileSystemRights.FullControl, AccessControlType.Allow));

    File.SetAccessControl(path, adminsOnly);
}