Permission for Users group successfully modified via code, but change is not reflected in Security tab for the Users group

Question

I have C# code (at the end) which:

1. Creates a file
2. Prints the current ACL
3. Gives the builtin users group "write permissions" to the previously created file
4. Prints the current modified ACL

The write permissions are successfully assigned via code as you can see in the console ouput.

My question is: Why does the security tab of the file, not reflect this permission change for the Users group ?

C# code:

var file = "sectest.txt";
File.WriteAllText(file, "File security test.");
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null);

string strBuiltInUsersAccount = sid.Translate(typeof(NTAccount)).ToString();
  
FileSecurity fileSecurity = new FileSecurity(file,
AccessControlSections.Owner |
AccessControlSections.Group |
AccessControlSections.Access);

Console.WriteLine("AFTER CREATE:");

ShowSecurity(fileSecurity); // BUILTIN\Users group doesn't have Write permission

// short: give "builtin\users" write permissions
var fsAccessRule = new FileSystemAccessRule(strBuiltInUsersAccount,
                                            FileSystemRights.Write,
                                            AccessControlType.Allow);

fileSecurity.ModifyAccessRule(AccessControlModification.Add, fsAccessRule, out bool modified);

Console.WriteLine();

Console.WriteLine("AFTER MODIFY:");
ShowSecurity(fileSecurity); // BUILTIN\Users has Write permission

Answer 1

That only modifies the single access rule in the ACE. It would then need to be persisted to the file. See File.SetAccessControl(filePath, fileSecurity)

https://learn.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesecurity?view=net-7.0