FileSystemWatcher - minimum permissions needed on target directories?

Question

Using the .NET FileSystemWatcher http://msdn.microsoft.com/en-us/library/system.io.filesystemwatcher.aspx to monitor a directory full of files for : Changed; Created; Deleted; Renamed events .

What's the minimum the rights the Account running the FileSystemWatcher needs over the directory it's watching ?

It seems like it would be READ but I can't find that documented anywhere.

Thanks

Answer 1

The underlying API is ReadDirectoryChangesW. The only thing mentioned in the MSDN Library article for it is that the FILE_LIST_DIRECTORY access right is required on the directory handle and the directory needs to be opened with the FILE_FLAG_BACKUP_SEMANTICS option.

The .NET framework code is often helpful. The private FileSystemWatcher.StartRaisingEvents() method uses this code to open the directory handle:

directoryHandle = NativeMethods.CreateFile(
    directory,                                 // Directory name
    UnsafeNativeMethods.FILE_LIST_DIRECTORY,   // access (read-write) mode
    UnsafeNativeMethods.FILE_SHARE_READ |
    UnsafeNativeMethods.FILE_SHARE_DELETE |
    UnsafeNativeMethods.FILE_SHARE_WRITE,      // share mode
    null,                                      // security descriptor
    UnsafeNativeMethods.OPEN_EXISTING,         // how to create
    UnsafeNativeMethods.FILE_FLAG_BACKUP_SEMANTICS |
    UnsafeNativeMethods.FILE_FLAG_OVERLAPPED,  // file attributes
    new SafeFileHandle(IntPtr.Zero, false));   // file with attributes to copy

Use FILE_FLAG_OVERLAPPED only for asynchronous notifications.

Answer 2

If the FileSystemWatcher is based on ReadDirectoryChangesW it needs:

1. FILE_LIST_DIRECTORY on the directory to be monitored
2. The privilege SeBackupPrivilege which allows the holder to read anything while bypassing access checks. The indication for this is the flag FILE_FLAG_BACKUP_SEMANTICS to CreateFile.

This is documented in the description of ReadDirectoryChangesW linked above.