FileWatcher on Private Folder

I have a windows service that liste开发者_JAVA技巧ns on a folder on a server for newly added files. Once a new file is added then the services executes a method to carry out a specific function. I don't want the watched folder to be viewable or editable by users' that log in to the server. I would like for another program to c# .exe to be the only app that is able to view and add files. Is it possible to hide a folder away from users but make it available to an application?

Yes, of course. This a server permissions issue and you'll probably get a better response from ServerFault.

Permissions in Windows are assigned to users, not applications. You can't grant exclusive access to an application, only to accounts or groups. There are various workarounds that may be of help:

• Grant permissions only to the service account and the user of the application (if it's a batch). If the application is used by multiple users, you should put all of them in a group and grant rights to the group.
• Place the folder in the AppData folder used by all applications to store data. While the folder is visible, users rarely access this folder. You can get the AppData folder using Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData)
• You can have the service application grant rights to the folder when it starts and revoke them when it finishes. You can't guarantee that an administrator won't just terminate the service, leaving the folder accessible to all.

What are you trying to do? There may be ways to accomplish it without granting permissions to an application.

This seems like the most appropriate for me:

•Place the folder in the AppData folder used by all applications to store data. While the folder is visible, users rarely access this folder. You can get the AppData folder using Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData)

Here is how you can do this:

1. Create a Domain Account MyDomain/MyAccount (or have your Domain Admin create one for you)
2. Change permissions on your folder so that only the Domain Account MyDomain/MyAccount has permissions to the folder. Again, if you are unsure of how to do this, ask your Domain Admin to do this for you.
3. Right click the folder in Windows Explorer and mark the checkbox for HIDDEN property.
4. Change the Windows Service to run under MyDomain/MyAccount
5. Stop and restart the Windows Service.