2

which PInvoke do I need to verify the permissions (CanRead, CanWrite, CanExecute...) for an UNC-Path(\UNC\?\ or \?\, Files and Folders). With System.IO I would use fileInfo.GetAccessControll().GetAccessRules to get the AuthorizationRuleCollection but I can't work with System.IO, because this namespace does not support long paths.

I know how to get the owner, but I found no solution for the other information. I thought I have to use GetNamedSecurityInfo as well but the information are very sparse.

Thanks.

DerAbt
  • 337
  • 1
  • 5
  • 14
  • How long are your filenames??? Filename-length is not a feature of .NET but of Windows itself – bash.d Mar 26 '13 at 10:22
  • 1
    Are you looking for the AccessCheck Windows API? in this case, check this out: http://technolog.nl/blogs/eprogrammer/archive/2009/06/18/Howto_3A00_-Properly-use-the-AccessCheck-API.aspx – Simon Mourier Mar 26 '13 at 10:46
  • @bash.d: up to 2700 chars. System.IO is limited to 240/256 and Win32 Calls are limited (UNC) to 32767. My lib works but I have to provide access checkups in next version. – DerAbt Mar 26 '13 at 11:29
  • @SimonMourier, thanks but that does not work too. Directory.GetAccessControl is also limited to 240/256 chars (does not support unc long path). – DerAbt Mar 26 '13 at 11:39
  • Yeah, that won't stop hurting. You'll have System.IO completely replaced by the time you're done. Best to not try to fix this, Microsoft tried to tackle it [but gave up on it](http://blogs.msdn.com/b/bclteam/archive/2007/02/13/long-paths-in-net-part-1-of-3-kim-hamilton.aspx) – Hans Passant Mar 26 '13 at 12:09
  • @DerAbt - I Known, I was just pointing to AccessCheck, not the rest of the managed code. What doesn't work exactly with AccessCheck? – Simon Mourier Mar 26 '13 at 12:48
  • @SimonMourier for AccessCheck() I have to use "pSecurityDescriptor". The value of pSecurityDescriptor comes from Directory.GetAccessControl(path..). And this is my problem: what is the win32 equivalent or GetAccessControl() and GetSecurityDescriptorBinaryForm()? If I could get the result of GetAccessControl() via Win32 I could use GetAccessRules to iterate on managed .NET... but I cannot find any information on MSDN. Only NamedSecurityInfo() provides parameters called "dacl" and "sacl". But the description is.. cr*p. There are many ways, but all ending in fi.GetAccessControl()... – DerAbt Mar 26 '13 at 13:01
  • @SimonMourier see solution below. Thanks! – DerAbt Mar 26 '13 at 15:01

1 Answers1

2

The solution is to use GetNamedSecurityInfo and the Parameter pSecurityDescriptor and the DACL information request.

// Get Length
var securityDescriptorLength = /* Win32 Call */ GetSecurityDescriptorLength( pSecurityDescriptor );

// Define array to copy
var securityDescriptorDataArray = new byte[ securityDescriptorLength ];

// Copy by marshal to defined array
/* Win32 Call */ Marshal.Copy( pSecurityDescriptor, securityDescriptorDataArray, 0, ( int ) securityDescriptorLength );

// If path is directory
var securityInfo = new DirectorySecurity( );
securityInfo.SetSecurityDescriptorBinaryForm( securityDescriptorDataArray );

Now you can get the AccessRules by using securityInfo.GetAccessRules()

DerAbt
  • 337
  • 1
  • 5
  • 14