文件的权限设制

using Microsoft.Win32.Security;

 

private Boolean CreateDir(String strSitePath, String strUserName) {

Boolean bOk;

try {

Directory.CreateDirectory(strSitePath);

SecurityDescriptor secDesc = SecurityDescriptor.GetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);

Dacl dacl = secDesc.Dacl;

Sid sidUser = new Sid (strUserName);

 

dacl.AddAce (new AceAccessAllowed (sidUser, AccessType.GENERIC_WRITE | AccessType.GENERIC_READ | AccessType.DELETE | AccessType.GENERIC_EXECUTE , AceFlags.OBJECT_INHERIT_ACE | AceFlags.CONTAINER_INHERIT_ACE));

 

// deny: this folder

// write attribs

// write extended attribs

// delete

// change permissions

// take ownership

DirectoryAccessType DAType = DirectoryAccessType.FILE_WRITE_ATTRIBUTES | DirectoryAccessType.FILE_WRITE_EA | DirectoryAccessType.DELETE | DirectoryAccessType.WRITE_OWNER | DirectoryAccessType.WRITE_DAC;

AccessType AType = (AccessType)DAType;

dacl.AddAce (new AceAccessDenied (sidUser, AType));

 

secDesc.SetDacl(dacl);

secDesc.SetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);

bOk = true;

} catch {

bOk = false;

}

return bOk;

} /* CreateDir */