|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Allow inheritable permissions form the parent to propagate...the directory inherit that directory's ACL. I am currently setting permissions like this: ActiveDs.SecurityDescriptor sd = null; ActiveDs.AccessControlEntryClass ace = null; ADsSecurityUtilityClass asu = new ADsSecurityUtilityClass(); asu.SecurityMask = (int)(ADS_SECURITY_INFO_ENUM.ADS_SECURITY_INFO_OWNER | ADS_SECURITY_INFO_ENUM.ADS_SECURITY_INFO_DACL); sd = asu.GetSecurityDescriptor(folder,(int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE, (int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID) as ActiveDs.SecurityDescriptor; AccessControlList dacl = sd.DiscretionaryAcl as AccessControlList; if(dacl != null) { ace = new AccessControlEntryClass(); ace.Trustee = sid; ace.AccessMask = (int)perm; // FILE_ALL_ACCESS, FILE_GENERIC_READ, etc. from winnt.h ace.AceType = (int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED; ace.AceFlags = 3; // This value (0x3) is undocumented in Iads.h, but it works...go figure. dacl.AddAce(ace); sd.DiscretionaryAcl = dacl; asu.SetSecurityDescriptor(folder, (int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE, sd, (int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID); } return; Thanks, Mark Given that the sample code you posted appears to be using types that are not
present in any available version of the .NET Framework, it's a wee bit difficult to suggest a way to use these types to accomplish any goal. <g> Are you using a publicly available helper library and, if so, where did you get it? Show quoteHide quote "Mark A. Richman" <markarich***@gmail.com> wrote in message news:1116429762.426088.115750@g47g2000cwa.googlegroups.com... > How do I turn this flag on from C#? I need to ensure files created in > the directory inherit that directory's ACL. > > I am currently setting permissions like this: > > ActiveDs.SecurityDescriptor sd = null; > ActiveDs.AccessControlEntryClass ace = null; > > ADsSecurityUtilityClass asu = new ADsSecurityUtilityClass(); > asu.SecurityMask = (int)(ADS_SECURITY_INFO_ENUM.ADS_SECURITY_INFO_OWNER > | ADS_SECURITY_INFO_ENUM.ADS_SECURITY_INFO_DACL); > sd = asu.GetSecurityDescriptor(folder, > (int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE, > (int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID) as > ActiveDs.SecurityDescriptor; > > AccessControlList dacl = sd.DiscretionaryAcl as AccessControlList; > > if(dacl != null) > { > ace = new AccessControlEntryClass(); > ace.Trustee = sid; > ace.AccessMask = (int)perm; // FILE_ALL_ACCESS, FILE_GENERIC_READ, > etc. from winnt.h > ace.AceType = (int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED; > ace.AceFlags = 3; // This value (0x3) is undocumented in Iads.h, but > it works...go figure. > dacl.AddAce(ace); > sd.DiscretionaryAcl = dacl; > > asu.SetSecurityDescriptor(folder, > (int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE, sd, > (int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID); > } > return; > > Thanks, > Mark > 
Other interesting topics
RSA Encrypt/Decrypt Problems
Appliyng Security in assembly. A single page from an existing application under SSL? Security Exception due to Medium trust level ASP.NET roles, authentication full trus and 1.1 SP1 ASP.NET security for a combined intranet/Internet site How do I get the current logged in user in Windows Forms Geil Security - newbie Q |
|||||||||||||||||||||||
