stackoom
  简体   繁体   中英

How to prevent computer users from changing file permissions in the security tab

 原文  2013-08-31 10:43:11       c#/ file/ security

Question

I am trying to prevent read/write access to a file (or folder) with C#. The file is being locked as it is supposed to but the problem is that I can easily go to the security tab abd change the permissions. How can I prevent all computer users from changing these permissions ?

The Code i am using is this (Based on an article from MSDN) : 

        DirectorySecurity fs = System.IO.Directory.GetAccessControl(textBox1.Text);
        fs.SetAccessRule(
            new FileSystemAccessRule(
                        "Users", 
                        FileSystemRights.Modify | 
                        FileSystemRights.ReadPermissions | 
                        FileSystemRights.TakeOwnership | 
                        FileSystemRights.ChangePermissions, 
                        AccessControlType.Deny));
        System.IO.Directory.SetAccessControl(textBox1.Text, fs);

2 answers

solution1
 1 ACCPTED  2013-09-01 09:48:58

What you're wanting to achieve can't be done; it might be helpful to explain why you want to do this as context. More detail on why it can't be done below...

Your code will be run by a user. Hence your code only has the permissions of the user running it. Given that, your program can do anything that the user can do, permissions wise, so the question becomes about Windows permissions, not C# management of them.

It is not possible to use permissions in Windows to prevent Administrators from accessing a file, as Administrators can alter the permissions to whatever they like. So even if you run your app as an administrator, it can't do anything that can't be then undone.

If your code is running as a user, then I believe it is possible to lock yourself out of the folder by changing ownership to some other user as well as preventing read access. But of course an admin will still be able to reset the permissions.

solution2
 0  2013-08-31 10:51:42

I think what you are asking is how to programmatically work with the User management to restrict folder access:

http://www.codeproject.com/Articles/18219/Windows-OS-User-Management

Then restrict access to Administrators or another group.

Also consider alternatives such as System Administrators doing this via Active Directory.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question c# removing users from security tab How to prevent a user from changing a file manually? How to prevent users from changing other users data in ASP.NET MVC How to display file properties dialog security tab from c# How to prevent anonymous users from accessing a file using forms authentication? How can I set file permissions to prevent anyone else from taking exclusive lock on my file? How can I read an xml file from the users computer on an ASP.NET MVC2 site? Prevent other processes and users from accessing a file Prevent users from changing certain text in asp.net textbox How to force a download of a created file to a users computer c#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM