Setting ntfs permissions with c #

xiaoxiao2021-03-05  24

Today I Needed to Set NTFS Permissions In C # on some newly created Directories.

NO Problem I Thought, The CLR WILL HAVE SOMETHING FOR IT Somewhere In Security, SO i Checked Google In the Hopes To Find Which Class To Use.

But Google Didn't Find Anything ... this amazed me. "Why can't i control ntfs permissions with .net?!?"

After Looking for An Hour OR SO, I Found

A GotdotNet User Sample, Called 'ACLS IN .NET'. Finally I Thought, Now It's Going to Be Plug in and set Rights.

Well this library is great. It makes settings ntfs rights so easy.

But It Lacks a bit in documentation. The code i buy it, it could help you. (Or it could show my possibly bad coding style, as far as my knowle doies for know, it Should Be FINE)

Reference The DLL, And Use IT.

Using microsoft.win32.security;

Here's a Method to Add A Dir, And Set NTFS Permissions on It for a given user:

Private Boolean Createdir (String strusepath) {

Boolean Bok;

Try {

Directory.createdIRectory (strsitepath);

SecurityDescriptor secondsc = securityDescriptor.getFileSecurity (strsitepath, security_information.dacl_security_information);

DACL DACL = SECDESC.DACL;

SID SIDUSER = New SID (STRUSERNAME);

// Allow: Folder, Subfolder and Files

// MODIFY

dacl.AddAce (new AceAccessAllowed (sidUser, AccessType.GENERIC_WRITE | AccessType.GENERIC_READ | AccessType.DELETE | AccessType.GENERIC_EXECUTE, AceFlags.OBJECT_INHERIT_ACE | AceFlags.CONTAINER_INHERIT_ACE));

// deny: this folder

// Write Attribs

// Write Extended Attribs

// delete

// Change Permissions

// Take Ownership

DirectoryAccessType DAType = DirectoryAccessType.FILE_WRITE_ATTRIBUTES | DirectoryAccessType.FILE_WRITE_EA | DirectoryAccessType.DELETE | DirectoryAccessType.WRITE_OWNER | DirectoryAccessType.WRITE_DAC; AccessType AType = (AccessType) DAType;

Dacl.addace (New AceaccessDenied (SiDuser, Atype);

SECDESC.SETDACL (DACL);

SECDESC.SETFILESECURITY (STRSITEPATH, Security_INFORMATION.DACL_SECURITY_INFORMATION);

Bok = true;

} catCH {

Bok = false;

}

Return Bok;

} / * CreateDir * /

The aceflags

DETERMINE The Level of Inheritance on The Object.

And the

DirectoryAccesStype is buy to create a

Accesstype with some permissions not in the

Accesstype

ENUM.

I hope this is useful.

转载请注明原文地址:https://www.9cbs.com/read-36156.html

New Post(0)