Home
Products
Forums
Help
Publish Article

How to use FileSecurity class in System.Security.AccessControl namespace in .Net V2.0?

.Net Framework Version: 2.0

In this article I will try to show usage of some of the classes in one of the new namespaces System.Security.AccessControl namespaces intriduced in V2.0 of Microsoft .Net Framework. In earlier version when we wanted to get to the security information about an object in your system, we had to use PInvoke to use Win32 APIs to get to the information like Security Descriptor (SID) or Access Control List (ACL). In V2.0 of the framework Microsoft has introduced this very handy namespace System.Security.AccessControl which provides almost all the functionlity that all of us wanted. The name of this namespace very well describes what to expect from the classes in this namespace. The classes in the namespace are not limited to files only. They provide you all the security access information on objects like Files, Registry, Mutex, Semaphores, etc.

When I started using these classes, I saw that there is practically no documentation available in Map 2004 Preview release of Visual Studio 2005. I had to bang my head couple of times and took some help from ILDASM to figure out what certain parameters are supposed to be. And finally I was able to put together a small C# console application that demonstrates how to use some of the classes to get owner information and access control information on a file object using System.Security.AccessControl.FileSecurity class.

Constructor of FileSecurity class has 2 parameters. First is the complete file path and second is the type of access control information you are interested in. After you construct the object, you can call methods like GetOwner, GetGroup etc. to retreive the security information that you are interested in. For getting all kind of information, you can pass the second parameter value as AccessControlSections.All. You can download the sample code and play with it. You will require Visual Studio 2005 May 2004 Preview version of the IDE to run this project.

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.AccessControl;
using System.Security.Principal;	
namespace FileSecurityApp
{
    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine("Third Eye Software Solutions - File Security Sample");
            IdentityReference obOwnerId = null;
            NTAccount obWinPrincipal = null;
            AuthorizationRuleCollection obAccessRules = null;
            FileSecurity obFs = new FileSecurity(@"C:\AutoExec.bat", AccessControlSections.All);
            try
            {
                //
                // Get SID of file owner.
                //

                Type obTypeToGet = Type.GetType("System.Security.Principal.SecurityIdentifier");
                obOwnerId = obFs.GetOwner(obTypeToGet);
                Console.WriteLine("File Owner SID is : {0}", obOwnerId);

                //
                // Now we will try to get winodws principal information.
                //

                obTypeToGet = Type.GetType("System.Security.Principal.NTAccount");
                obWinPrincipal = (NTAccount)obFs.GetOwner(obTypeToGet);
                Console.WriteLine("File Owner is : {0}", obWinPrincipal);

                //
                // Get Access Rules collection.
                //

                obAccessRules = obFs.GetAccessRules(true, true, obTypeToGet);
                if (null != obAccessRules)
                {
                    Console.WriteLine("Total access rules are = {0}", obAccessRules.Count);
                    foreach (AuthorizationRule obAuthRule in obAccessRules)
                    {
                        AccessRule obAccessRule = (AccessRule)obAuthRule;
                        Console.WriteLine("AuthRule : Inherited={0}, Id={1}, AccessType={2}",
                            obAuthRule.IsInherited, obAuthRule.IdentityReference, obAccessRule.AccessControlType);
                    }
                }

            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
                Console.WriteLine(ex.StackTrace);
            }
        }
    }
}					
						
Go Freelance
Home     About us     Contact us    Copyright    Privacy Policy    Return Policy    Advertisers
Copyright © Netomatix