[英]How to check if LocalSystem account has read/write permissions to a specific local directory using C#?
I am having trouble to implement a method that verifies if Windows LocalSystem account has read/write permissions to a directory because I just don't know how to instantiate WindowsIdentity class for LocalSystem account so that I can get the groups this account belongs to.我无法实现一种方法来验证 Windows LocalSystem 帐户是否具有对目录的读/写权限,因为我只是不知道如何为 LocalSystem 帐户实例化 WindowsIdentity class 以便我可以获得该帐户所属的组。
This may work, not sure.这可能有效,不确定。 Search the collection for where
rule.IdentityReference.ToString();
在集合中搜索 where
rule.IdentityReference.ToString();
is "S-1-5-18"
and then check the rule.AccessControlType == Allow
and rule.FileSystemRights == FullControl
.是
"S-1-5-18"
,然后检查rule.AccessControlType == Allow
和rule.FileSystemRights == FullControl
。
DirectoryInfo di = new DirectoryInfo("C:\\temp\\");
System.Security.AccessControl.AuthorizationRuleCollection acl = di.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier));
StringBuilder sb = new StringBuilder();
for (int i = 0; i < acl.Count; i++) {
System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i];
sb.AppendLine("" + rule.AccessControlType);
sb.AppendLine("" + rule.FileSystemRights);
sb.AppendLine("" + rule.IdentityReference);
sb.AppendLine("" + rule.InheritanceFlags);
sb.AppendLine("" + rule.IsInherited);
sb.AppendLine("" + rule.PropagationFlags);
sb.AppendLine("-----------------------");
}
String s = sb.ToString();
Here is a Microsoft webpage that lists out the well-known security identifiers.这是一个列出众所周知的安全标识符的 Microsoft 网页。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.