C# Directory.SetAccessControl设置不必要的权限
我正在尝试设置仅限于管理员的程序安装文件夹权限 有两种情况:文件夹需要创建,并且文件夹已经存在 这是我的密码:C# Directory.SetAccessControl设置不必要的权限,c#,directory,file-permissions,acl,C#,Directory,File Permissions,Acl,我正在尝试设置仅限于管理员的程序安装文件夹权限 有两种情况:文件夹需要创建,并且文件夹已经存在 这是我的密码: public static void CreatePrivateFolder(string path) { SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); DirectorySecurity
public static void CreatePrivateFolder(string path)
{
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
DirectorySecurity securityRules = new DirectorySecurity();
FileSystemAccessRule fsRule =
new FileSystemAccessRule(sid, FileSystemRights.FullControl,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None, AccessControlType.Allow);
securityRules.SetAccessRule(fsRule);
if (Directory.Exists(path))
{
Directory.SetAccessControl(path, securityRules);
}
else
{
Directory.CreateDirectory(path, securityRules);
}
}
CreateDirectorySetAccessControlc:\\folderCheck谢谢 如果(Directory.Exists(path))块存在,请使用此命令代替
if(Directory.Exists(path))// what is
var existingACL = Directory.GetAccessControl(path);
// remove everything from what is
foreach (FileSystemAccessRule rule in existingACL.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)))
existingACL.RemoveAccessRuleAll(rule);
// add yours to what is
existingACL.AddAccessRule (fsRule);
// set again
Directory.SetAccessControl(path, existingACL);
@安丽,谢谢你的回答。当文件夹已存在且具有限制权限时,您的解决方案将起作用。但是,如果文件夹存在时没有限制权限,则代码不会覆盖这些规则,并且文件夹仍然可以访问。