RE: New System.Security.AccessControl classes

From: brckcc (brckcc_at_newsgroup.nospam)
Date: 10/31/05 

Date: Mon, 31 Oct 2005 06:56:06 -0800

Thank you. This will help. 

-- 
Bruce R.
""Jeffrey Tan[MSFT]"" wrote:
> Hi Bruce,
> 
> Thanks for your post.
> 
> Based on my understanding, you want to do the Security Descriptor dump for 
> files/folders with .Net2.0 classes. 
> 
> In .Net2.0, doing ACL programming is much easier than before, .Net provided 
> managed classes for ACL programming. Below is a code snippet for dumping 
> the owner and DACL of a file:
> 
> private void button1_Click(object sender, EventArgs e)
> {
>     FileSecurity sd=File.GetAccessControl(@"C:\boot.ini");
>     PrintOwerAndDACL(sd);
> }
> 
> static void PrintOwerAndDACL(FileSecurity sd)
> {
> 
>     Console.WriteLine("Owner: {0}", sd.GetOwner(typeof(NTAccount)));
>     // rule represents an ACE
>     foreach (FileSystemAccessRule rule in sd.GetAccessRules(true, true, 
> typeof(NTAccount)))
>     {
>         PrintACE(rule);
>     }
> }
> 
> static void PrintACE(FileSystemAccessRule rule)
> {
>     Console.WriteLine("{0} {1} to {2} ({3})",AccessControlType.Allow == 
> rule.AccessControlType ?
>       "grant" : "deny",
>       rule.FileSystemRights, // access permission mask
>       rule.IdentityReference,
>       rule.IsInherited ? "inherited" : "direct");
> }
> 
> Addtionally, Keith brown has writen an excellent windows security book for 
> .Net 2.0, there is an online version in the link below:
> "The .NET Developer's Guide to Windows Security" 
> http://pluralsight.com/wiki/default.aspx/Keith.GuideBook.HomePage
> 
> Hope this helps
> 
> Best regards,
> Jeffrey Tan
> Microsoft Online Partner Support
> Get Secure! - www.microsoft.com/security
> This posting is provided "as is" with no warranties and confers no rights.
> 
>
Quantcast