Re: Determine if IdentityReference is a Security Group
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 9 Jan 2008 20:31:11 +0000 (UTC)
How about SecurityIdentifier.IsAccountSid() ??
-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
Hi All,
I've been trudging through old posts, but can't seem to find an
answer. This is the 'Effective Permissions' problem. I've seen a lot
of 'You Can't" and "Do it Using PInvoke/Windows API". I'd like to stay
with a C# solution. Google is only returning two pages. The pages
returned are more of the question, "Is the user a member of a
group?" [1].
From the files system object (directory or file), I have a collection
of AuthorizationRules. I need place the rules (some hand waiving) into
bins to enforce Windows Security business logic (order of Allow/Deny
and User/Group matters):
DenyUser
DenyGroups
AllowUser
AllowGroups
Allow and Deny are easily obtained from IdentityReference. The Sid is
easily obtained also. However, given an IdentityReference (or SID),
how do I determine if it is a Security Group? In a nushell, I want:
IsSecurityGroup( IdentityReference id ) or
IsSecurityGroup( SecurityIdentifier sid )
WindowsIdentity Class does not offer the function [2]. Given a user,
WindowsIdentity will give me a list of the user's groups. But I do not
need this information.
Thanks,
Jeff
Jeffrey Walton
[1]
http://groups.google.com/groups?hl=en&q=c%23+IdentityReference+group
[2]
http://msdn2.microsoft.com/en-us/library/system.security.principal.win
dowsidentity.aspx
.
- Prev by Date: Re: Determine if IdentityReference is a Security Group
- Next by Date: Re: Encryption scheme using RSA
- Previous by thread: Re: Determine if IdentityReference is a Security Group
- Index(es):
Relevant Pages
|
