The tool that I am developing should provide Full Control access rights to the file created by him. It must be read, modified, and deleted from all Windows accounts and even possible future accounts. Could this be achieved?
I know I can try this for SPECIFIC_USER:
FileSystemAccessRule rule = new FileSystemAccessRule(SPECIFIC_USER, FileSystemRights.FullControl, AccessControlType.Allow); FileSecurity fSecurity = File.GetAccessControl(filePath); fSecurity.SetAccessRule(rule); File.SetAccessControl(filePath, fSecurity);
But how can I provide it to all users? And even possible future bills? If the last part is not possible, how to fulfill the first requirement?
Thank.
EDIT:
This is the code that worked for me. Taken from the defendant’s link.
private bool GrantAccess(string fullPath) { DirectoryInfo dInfo = new DirectoryInfo(fullPath); DirectorySecurity dSecurity = dInfo.GetAccessControl(); dSecurity.AddAccessRule(new FileSystemAccessRule("everyone", FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow)); dInfo.SetAccessControl(dSecurity); return true; }
Note the PropagationFlags.NoPropagateInherit , which is required (indicated at the end in the link). This gives privileges even to future accounts.
nawfal Feb 02 '12 at 7:10 2012-02-02 07:10
source share