Create a folder only accessible by current logon user
Using C#, how do I create a folder only accessible by the current Windows user that is executing the program?
That is, if I log in to Windows as "MyDomain\John" and run the program to create a folder "D:\JohnOnly", then log out and log back in as "MyDomain\Sam", "D:\JohnOnly" cannot be opened.
Thanks,
Here is a link to the FileSystem Rights:
http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx
The only thing to remember is that this is only honored on a Windows machine. I can easily bypass this security by reading the HD on a Linux box.
This is what I wrote after more research:
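    using System.IO;
    using System.Security.AccessControl;
    using System.Security.Principal;

    public void CreatePrivateDirectory(string path)
    {
        DirectorySecurity directorySecurity = new DirectorySecurity();
        // Protect the DACL so inheritable ACEs on the parent folder are not merged in.
        directorySecurity.SetAccessRuleProtection(true, false);
        // Grant full control to the current user's SID only, inherited by subfolders and files.
        SecurityIdentifier userSid = WindowsIdentity.GetCurrent().User;
        directorySecurity.AddAccessRule(new FileSystemAccessRule(userSid, FileSystemRights.FullControl,
            InheritanceFlags.ContainerInherit |
            InheritanceFlags.ObjectInherit,
            PropagationFlags.None, AccessControlType.Allow));
        // An existing directory is left untouched, including its current ACL.
        if (!Directory.Exists(path))
        {
            Directory.CreateDirectory(path, directorySecurity);
        }
    }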
It worked. I will mark it as answer if no serious bug is found. Thanks.
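A way to check the result of the code above, as an added example that is not part of the original posts: it reads the folder's DACL back and lists every Allow entry, explicit or inherited, that names someone other than the current user. The class and method names are hypothetical; `D:\JohnOnly` is the folder from the question.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

public static class PrivateDirectoryAudit // hypothetical name, not from the posts
{
    // Returns one finding per problem; an empty list means the DACL grants
    // access to the current user only and is protected from inheritance.
    public static List<string> Audit(string path)
    {
        SecurityIdentifier me = WindowsIdentity.GetCurrent().User;
        DirectorySecurity acl =
            new DirectoryInfo(path).GetAccessControl(AccessControlSections.Access);
        var findings = new List<string>();

        // An unprotected DACL accepts inheritable ACEs from the parent folder.
        if (!acl.AreAccessRulesProtected)
            findings.Add("DACL is not protected: parent ACEs can propagate into it");

        // includeExplicit = true, includeInherited = true: inherited grants
        // (for example a Users group ACE on D:\) are reported as well.
        foreach (FileSystemAccessRule rule in
                 acl.GetAccessRules(true, true, typeof(SecurityIdentifier)))
        {
            if (rule.AccessControlType != AccessControlType.Allow) continue;
            if (rule.IdentityReference.Equals(me)) continue;
            findings.Add(string.Format("ALLOW {0} rights={1} inherited={2}",
                rule.IdentityReference.Value, rule.FileSystemRights, rule.IsInherited));
        }
        return findings;
    }

    public static int Main(string[] args)
    {
        string path = args.Length > 0 ? args[0] : @"D:\JohnOnly";
        List<string> findings = Audit(path);
        foreach (string finding in findings) Console.WriteLine(finding);
        Console.WriteLine(findings.Count == 0
            ? "Only the current user is granted access."
            : "Folder is not private to the current user.");
        return findings.Count == 0 ? 0 : 1; // non-zero exit code when findings exist
    }
}
```

A clean result covers the DACL only; it says nothing about an administrator taking ownership of the folder or about the disk being read from another operating system, as the other answers point out.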
MS has something built-in for this:
You can use ApplicationData (for roaming users) or LocalApplicationData (for non-roaming users) from Environment.SpecialFolder - anything (files + folders) you create within those folders is already set up with the needed permissions/rights for the user running your app - nobody else (except perhaps Administrator) can go there... To make it even more secure you could encrypt data you put there...
See http://msdn.microsoft.com/en-us/library/system.environment.specialfolder.aspx