开发者

Adding write access for low integrity processes under .Net

I'm creating an FileSecurity for file creation that should have an write access also for low integrity processes.

FileSecurity fileAcl = new FileSecurity();

// add everyone
IdentityReference sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
FileSystemAccessRule rule = new FileSystemAccessRule(sid, FileSystemRights.FullControl, AccessControlType.Allow);
fileAcl.AddAccessRule(rule);

// add restricted
sid = new SecurityIdentifier(WellKnownSidType.RestrictedCodeSid, null);
rule = new FileSystemAccessRule(sid, FileSystemRights.FullControl, AccessControlTy开发者_运维知识库pe.Allow);
fileAcl.AddAccessRule(rule);

// add low integrity level rights

// ???

If someone knows how to do it without invoking C API I would appreciate it, otherwise I'll have to rework to use it entirely.

Thanks in advance


I don't know if they are exposed in .NET, but the integrity levels themselves are also well-known SIDs. You should also read the Mandatory Integrity Control documentation to understand how to use them.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜