Reputation: 31848
Remove All Directory Permissions
In C# (2.0) How do I remove all permissions to a directory, so I can limit the access. I will be adding access back to a limited set of users.
Upvotes: 11
Views: 11865
Answers (5)
Reputation: 1
Modules work nice:
Imports System.IO
Imports System.Runtime.CompilerServices
Imports System.Security.AccessControl
Imports System.Security.Principal
Module Module1
Sub Main()
Dim folder = "your folder path"
folder.CreateDirectory()
End Sub
End Module
Module Extensions
<Extension()>
Public Sub CreateDirectory(path As String)
Try
If Not Directory.Exists(path) Then
Dim fEveryone = New SecurityIdentifier(WellKnownSidType.WorldSid, Nothing)
Dim fDirectorySecurity = New DirectorySecurity()
Dim fFileSystemRights = FileSystemRights.FullControl
Dim fInheritanceFlags = InheritanceFlags.ContainerInherit Or InheritanceFlags.ObjectInherit
Dim fPropagationFlags = PropagationFlags.None
Dim fAccessControlType = AccessControlType.Allow
Dim fDirectoryAccessRule = New FileSystemAccessRule(fEveryone, fFileSystemRights, fInheritanceFlags, fPropagationFlags, fAccessControlType)
fDirectorySecurity.AddAccessRule(fDirectoryAccessRule)
Directory.CreateDirectory(path, fDirectorySecurity)
End If
Catch ex As PathTooLongException
Debug.WriteLine("The path {0}; was too long.", path)
Catch ex As UnauthorizedAccessException
Debug.WriteLine("The path {0}; cannot be created because you do not have the rights to create it.", path)
Catch ex As Exception
Debug.WriteLine("Exception in {0} - {1}; {2}", ex.Source, ex, ex.Message)
End Try
End Sub
End Module
Upvotes: 0
Reputation:
Disclaimer: I realise this has already been answered and accepted, and I really wanted to post this as a comment to the accepted answer, however the inability of being able to format comments has forced me to post this as an answer (which, technically, it is)....
I was looking to do the same, and found your question. Stu's answer helped me come up with this solution. (Note that I'm only interested in removing explicit security).
private static DirectorySecurity RemoveExplicitSecurity(DirectorySecurity directorySecurity)
{
AuthorizationRuleCollection rules = directorySecurity.GetAccessRules(true, false, typeof(System.Security.Principal.NTAccount));
foreach (FileSystemAccessRule rule in rules)
directorySecurity.RemoveAccessRule(rule);
return directorySecurity;
}
And this is obviously used as follows:
DirectoryInfo directoryInfo = new DirectoryInfo(path);
DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();
directorySecurity = RemoveExplicitSecurity(directorySecurity);
Directory.SetAccessControl(path, directorySecurity);
Upvotes: 25
Reputation: 29468
System.IO.Directory.GetAccessControl() and then edit the returned FileSecurity object.
Upvotes: 2
Reputation: 11638
Look at the classes in the System.Security.AccessControl namespace, and especially the DirectorySecurity.RemoveAccessRule method.
Also, if you remove all the permissions then you won't be able to add any back afterwards :-)
Upvotes: 8
Reputation: 12816
Here is a great set of articles from CodeProject about Windows ACL programming:
The Windows Access Control Model
Part 3 of the series shows .NET specific methods.
Upvotes: 3
Related Questions
- Set permissions for directories/subdirectories/files
- C# - Set Directory Permissions for All Users in Windows 7
- How to give permissions for folders in c#?
- How to remove all deny permissions on a folder without hardcoding?
- How to reset folder permissions in .NET?
- Remove all default file permissions
- Directory.SetAccessControl set unnecessary permissions
- Unable to remove folder permissions (access rules) using DirectorySecurity facilities
- How to change permissions of a folder inside System32 in C#?
- Remove permissions from a windows folder