Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

C# File/Directory Permissions

Tags:

c#

I am writing an application to manage user access to files. The short version of a very long story is that I have to use directory and file priveleges to do it. No document management system for our cheap CEO...

Anyway... I have everything working except the case where the user can view which files are in the directory but not actually see the contents of the file. (There may be sensitive HR data in the files.)

I tried FileSystemRights.ListDirectory, but that seems to (dispite MS documentation) set ReadData to true as well. I turn off ReadData (the ability to read the files) and I suddenly have no access to the directory again. The two appear linked.

Any ideas for which permission(s) to set to achieve this?

My current code is:

SetSecurity(pth, usr, FileSystemRights.ListDirectory, AccessControlType.Allow);

...

public void SetSecurity(string dirName, string account,
    FileSystemRights rights, AccessControlType controlType)
{
    // Get a FileSecurity object that represents the
    // current security settings.
    DirectorySecurity dSecurity = Directory.GetAccessControl(dirName);

    dSecurity.AddAccessRule(new FileSystemAccessRule(account, rights, controlType));

    // Set the new access settings.
    Directory.SetAccessControl(dirName, dSecurity);
}

Thanks.

--Jerry

like image 474
Jerry Avatar asked Jan 09 '09 21:01

Jerry


People also ask

What C is used for?

C programming language is a machine-independent programming language that is mainly used to create many types of applications and operating systems such as Windows, and other complicated programs such as the Oracle database, Git, Python interpreter, and games and is considered a programming foundation in the process of ...

Is C or C++ same?

While C and C++ may sound similar, their features and usage differ. C is a procedural programming language that support objects and classes. On the other hand C++ is an enhanced version of C programming with object-oriented programming support.

Is C language easy?

C is a general-purpose language that most programmers learn before moving on to more complex languages. From Unix and Windows to Tic Tac Toe and Photoshop, several of the most commonly used applications today have been built on C. It is easy to learn because: A simple syntax with only 32 keywords.

What is the full name of C?

In the real sense it has no meaning or full form. It was developed by Dennis Ritchie and Ken Thompson at AT&T bell Lab. First, they used to call it as B language then later they made some improvement into it and renamed it as C and its superscript as C++ which was invented by Dr. Stroustroupe.


3 Answers

The FileSystemRights enum maps both ReadData and ListDirectory to the value 1, so the two are 100% equivalent as far as .NET is concerned.

Have you tried Traverse as opposed to ListDirectory?

Edit: Based on this KB article it appears that Windows XP considers them to be the same too, just one applies only to files, and one applies only to directories.

Edit 2: As long as you set the ReadData/ListDirectory access rule to NOT be inherited by child objects, you should be able to apply it to the directory without applying it to the files in the directory. The FileSystemAccessRule class does support changing inheritance flags.

like image 177
Eric Rosenberger Avatar answered Sep 30 '22 04:09

Eric Rosenberger


The files are probably inheriting the security properties from parent.

You may try calling DirectorySecurity.SetAccessRuleProtection(true, false) to prevent the files from inheriting, before calling Directory.SetAccessControl();

like image 26
scottm Avatar answered Sep 30 '22 03:09

scottm


Yep. Traverse (I think it's mis-named) allows me to execute a program within a folder, but NOT view the contents of a folder. Not sure why this is useful, to be honest.

I'm about to tell the CEO that it can't be done and watch the sparks fly again. :P

like image 41
Jerry Avatar answered Sep 30 '22 02:09

Jerry