Take charge of c # file

Question

Take charge of c # file

I am trying to take responsibility for a file and delete it using C #. Iexplorer.exe file, the current default owner is TrustedInstaller. The FileSecurity.SetOwner method seems to set the specified ownership, but does not actually change the original owner and does not throw an exception. Obviously, the following attempt to delete the file throws an exception. What needs to be changed in the code to take responsibility for the file and delete it?

var fileS = File.GetAccessControl(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe"); fileS.SetOwner(new System.Security.Principal.NTAccount(Environment.UserDomainName, Environment.UserName)); File.Delete(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");

+6

c # file io

alternative Oct. 21 '12 at 15:34

source share

3 answers

Nikolay Khil · Answer 1 · 2012-10-21 16:06

You must explicitly enable SeTakeOwnershipPrivilege :

Ownership of the property is required without discretionary access. This privilege allows you to set the owner value only with values that the owner can legally designate as the owner of the object. User right: take responsibility for files or other objects.

I suggest you read a great article written by Mark Nowak: Manipulating privileges in managed code reliably, reliably, and efficiently .

And / or take a look at its sample .

Update

Usage example:

 var fileS = File.GetAccessControl(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe"); Privilege p; bool ownerChanged = false; try { p = new Privilege(Privilege.TakeOwnership); p.Enable(); fileS.SetOwner(new System.Security.Principal.NTAccount( Environment.UserDomainName, Environment.UserName)); ownerChanged = true; } catch(PrivilegeNotHeldException e) { // privilege not held // TODO: show an error message, write logs, etc. } finally { p.Revert(); } if (ownerChanged) File.Delete(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");

Josy · Answer 2 · 2013-11-06 16:12

  string filepath = @"C:\Program Files (x86)\Internet Explorer\iexplore.exe"; //Get Currently Applied Access Control FileSecurity fileS = File.GetAccessControl(filepath); //Update it, Grant Current User Full Control SecurityIdentifier cu = WindowsIdentity.GetCurrent().User; fileS.SetOwner(cu); fileS.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.FullControl, AccessControlType.Allow)); //Update the Access Control on the File File.SetAccessControl(filepath, fileS); //Delete the file File.Delete(filepath);

Add the following importers

  using System.IO; using System.Security.AccessControl; using System.Security.Principal;

Run the code in elevated mode.

user4553380 · Answer 3 · 2015-02-11 05:33

Works in Windows 8.1 using the Privilege class from the example: Manipulate managed code privileges reliably, reliably, and efficiently

  private bool TryDeleteFile(string fileName) { string filePath = Path.GetFullPath(fileName); var fi = new FileInfo(filePath); bool ownerChanged = false; bool accessChanged = false; bool isDelete = false; FileSecurity fs = fi.GetAccessControl(); Privilege p = new Privilege(Privilege.TakeOwnership); try { p.Enable(); fs.SetOwner(WindowsIdentity.GetCurrent().User); File.SetAccessControl(filePath, fs); //Update the Access Control on the File ownerChanged = true; } catch (PrivilegeNotHeldException ex) { } finally { p.Revert(); } try { fs.SetAccessRule(new FileSystemAccessRule(WindowsIdentity.GetCurrent().User, FileSystemRights.FullControl, AccessControlType.Allow)); File.SetAccessControl(filePath, fs); accessChanged = true; } catch (UnauthorizedAccessException ex) { } if (ownerChanged && accessChanged) { try { fi.Delete(); isDelete = true; } catch (Exception ex) { } } return isDelete; }

Take charge of c # file

More articles: