开发者

Deny/Readonly access to removable drives

i want to deny/readonly access开发者_开发知识库 to removable drives using ACL.

i searched and found that i can be done using setsecurityinfo.

i referred Msdn and pinvoke.net but not able to set successfully

Help in c# or Vb.net required


MSDN has the following example for the FileSystemAccessRule class:

   // Removes an ACL entry on the specified file for the specified account.
    public static void RemoveFileSecurity(string fileName, string account,
        FileSystemRights rights, AccessControlType controlType)
    {

        // Get a FileSecurity object that represents the
        // current security settings.
        FileSecurity fSecurity = File.GetAccessControl(fileName);

        // Remove the FileSystemAccessRule from the security settings.
        fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
            rights, controlType));

        // Set the new access settings.
        File.SetAccessControl(fileName, fSecurity);

    }

You should build your specific solution based on this.

Remember that you need to be an owner or have 'change permission' rights to make these changes.


    [DllImport("advapi32.dll", CharSet = CharSet.Unicode)]

private static extern uint SetNamedSecurityInfoW(String pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);

    private void Form1_Load(object sender, EventArgs e)
    {
     SetNamedSecurityInfo ("\\\\.\\K:",SE_OBJECT_TYPE.SE_FILE_OBJECT,SECURITY_INFORMATION.ProtectedDacl, null, null, null, null);

    }

    private void SetNamedSecurityInfo(string p, object SE_FILE_OBJECT, object DACL_SECURITY_INFORMATION, object NULL, object NULL_5, object paclNew, object NULL_7)
    {
        throw new Exception("The method or operation is not implemented.");
    }

[DllImport("Advapi32.dll", SetLastError = true)] private static extern bool ConvertStringSidToSid(String StringSid, ref IntPtr Sid);

private enum SE_OBJECT_TYPE { SE_UNKNOWN_OBJECT_TYPE=0,
SE_FILE_OBJECT, SE_SERVICE, SE_PRINTER, SE_REGISTRY_KEY, SE_LMSHARE, SE_KERNEL_OBJECT, SE_WINDOW_OBJECT, SE_DS_OBJECT, SE_DS_OBJECT_ALL, SE_PROVIDER_DEFINED_OBJECT, SE_WMIGUID_OBJECT,SE_REGISTRY_WOW64_32KEY }

[Flags] private enum SECURITY_INFORMATION : uint { Owner = 0x00000001, Group = 0x00000002, Dacl = 0x00000004, Sacl = 0x00000008, ProtectedDacl = 0x80000000, ProtectedSacl = 0x40000000, UnprotectedDacl = 0x20000000, UnprotectedSacl = 0x10000000 }

where k: is the removable drive

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜