Deny/Readonly access to removable drives
i want to deny/readonly access开发者_开发知识库 to removable drives using ACL.
i searched and found that i can be done using setsecurityinfo.
i referred Msdn and pinvoke.net but not able to set successfully
Help in c# or Vb.net required
MSDN has the following example for the FileSystemAccessRule class:
// Removes an ACL entry on the specified file for the specified account.
public static void RemoveFileSecurity(string fileName, string account,
FileSystemRights rights, AccessControlType controlType)
{
// Get a FileSecurity object that represents the
// current security settings.
FileSecurity fSecurity = File.GetAccessControl(fileName);
// Remove the FileSystemAccessRule from the security settings.
fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
rights, controlType));
// Set the new access settings.
File.SetAccessControl(fileName, fSecurity);
}
You should build your specific solution based on this.
Remember that you need to be an owner or have 'change permission' rights to make these changes.
[DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
private static extern uint SetNamedSecurityInfoW(String pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);
private void Form1_Load(object sender, EventArgs e)
{
SetNamedSecurityInfo ("\\\\.\\K:",SE_OBJECT_TYPE.SE_FILE_OBJECT,SECURITY_INFORMATION.ProtectedDacl, null, null, null, null);
}
private void SetNamedSecurityInfo(string p, object SE_FILE_OBJECT, object DACL_SECURITY_INFORMATION, object NULL, object NULL_5, object paclNew, object NULL_7)
{
throw new Exception("The method or operation is not implemented.");
}
[DllImport("Advapi32.dll", SetLastError = true)] private static extern bool ConvertStringSidToSid(String StringSid, ref IntPtr Sid);
private enum SE_OBJECT_TYPE
{
SE_UNKNOWN_OBJECT_TYPE=0,
SE_FILE_OBJECT,
SE_SERVICE,
SE_PRINTER,
SE_REGISTRY_KEY,
SE_LMSHARE,
SE_KERNEL_OBJECT,
SE_WINDOW_OBJECT,
SE_DS_OBJECT,
SE_DS_OBJECT_ALL,
SE_PROVIDER_DEFINED_OBJECT,
SE_WMIGUID_OBJECT,SE_REGISTRY_WOW64_32KEY
}
[Flags] private enum SECURITY_INFORMATION : uint { Owner = 0x00000001, Group = 0x00000002, Dacl = 0x00000004, Sacl = 0x00000008, ProtectedDacl = 0x80000000, ProtectedSacl = 0x40000000, UnprotectedDacl = 0x20000000, UnprotectedSacl = 0x10000000 }
where k: is the removable drive
精彩评论