Remove all default file permissions

2020-06-23 10:02发布

站内问答 / C#
821 3 5

I have an C# network application that prompts admins for network proxy authentication information. I ask the user if they want to save this information, which if they choose yes, I encrypt in a unique local file for the user. I would then like to remove all file permissions except the user that created it, but all other users to have the ability to delete the file.

Now, I found MS article below, but it's not helping if I don't know the default users that were setup on the file in the first place. Is there a remove all file permissions? I can then add the individual rights I'm wanting to setup for full access by current user and delete permissions for "All Users" or "Authenticated Users", which looks to be different depending on version of Windows. http://msdn.microsoft.com/en-us/library/system.io.file.setaccesscontrol.aspx

3条回答
Explosion°爆炸
2楼-- · 2020-06-23 10:13

Impersonation may be help you to solve this out.

The term "Impersonation" in a programming context refers to a technique that executes the code under another user context than the user who originally started an application, i.e. the user context is temporarily changed once or multiple times during the execution of an application.

click Here to see implimentation

查看更多
0人赞 添加讨论(0) 举报
戒情不戒烟
3楼-- · 2020-06-23 10:32

I figured it out..

    public void SetFileSecurity(String filePath, String domainName, String userName)
    {
        //get file info
        FileInfo fi = new FileInfo(filePath);

        //get security access
        FileSecurity fs = fi.GetAccessControl();

        //remove any inherited access
        fs.SetAccessRuleProtection(true, false);

        //get any special user access
        AuthorizationRuleCollection rules = fs.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));

        //remove any special access
        foreach (FileSystemAccessRule rule in rules)
            fs.RemoveAccessRule(rule);

        //add current user with full control.
        fs.AddAccessRule(new FileSystemAccessRule(domainName + "\\" + userName, FileSystemRights.FullControl, AccessControlType.Allow));

        //add all other users delete only permissions.
        fs.AddAccessRule(new FileSystemAccessRule("Authenticated Users", FileSystemRights.Delete, AccessControlType.Allow));

        //flush security access.
        File.SetAccessControl(filePath, fs);
    }
查看更多
0人赞 添加讨论(0) 举报
萌系小妹纸
4楼-- · 2020-06-23 10:32

If you need to remove for the specific group , you can use this method ;

public static void RemoveGroupPermission(string path, string group_name)
{
      long begin = Datetime.Now.Ticks;

      DirectoryInfo dirInfo = new DirectoryInfo(path);

      DirectorySecurity dirSecurity = dirInfo.GetAccessControl();

      dirSecurity.RemoveAccessRuleAll(new FileSystemAccessRule(Environment.UserDomainName +
                                                              @"\" + group_name, 0, 0));

      dirInfo.SetAccessControl(dirSecurity);

      long end = DateTime.Now.Ticks;

      Console.WriteLine("Tick : " + (end - begin));

}
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)