{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 我只想做你的唯一 的问题《C# - Windows ACL - Applying Inherited Permissions》','https://www.manongdao.com/q-153093.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've been having problems programatically assigning permissions to Folders / Registry entries. I have managed to assign inheriting permissions using the following code:
FileSystemAccessRule rule = new FileSystemAccessRule(LOGON_USER_NAME, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow);
DirectorySecurity security = new DirectorySecurity();
security.SetAccessRule(rule);
Directory.CreateDirectory(dir);
Directory.SetAccessControl(dir, security);
This correctly sets my file permissions on all the child folders i create as an administrator. However, it does not set the permissions on the dir folder itself. I've played around with a fair few permutations for inheritance and propogation, but not had any joy.
For example, I have:
dir = %programfiles%\Test
If i have created a folder in test (%programfiles%\Test\SubFolder), I have full permissions assigned to it for my user, but I do not have full permissions on %programfiles%\Test. This is really annoying, as I would like to give my user full permissions to do whatever with the Test directory as well.
I am having similar problems with registry permissions, but I believe that if i can solve one, i can solve both of the outstanding issues.
Does anyone know how this can be resolved?
Regards
Tris
For the folder:
For subfolders and files:
both lines need to be in your project. then you get acls that apply to this folder, subfolders and files
I'm hardly an expert here, but after having to figure this out for my own purposes, I believe that Dave's answer, although functional, is overly complicated. You should be able to achieve this with just one rule:
The
PropagationFlags.InheritOnlyparameter used by the OP in their original code is what prevents the access rule from applying to the object itself.Also, you might as well set the directory's security as you're creating it, since .NET provides an overload for just that purpose: