0

I need to set access control to a folder

my code is

 Private Sub cmdApplyRestrictions_Click(sender As Object, e As EventArgs) Handles cmdApplyRestrictions.Click
    Dim myDirectoryInfo As New DirectoryInfo(txtFolder.Text)

    Dim myDirectorySecurity As DirectorySecurity = myDirectoryInfo.GetAccessControl()
    Dim User As String = System.Environment.UserDomainName + "\" + cmbUser.SelectedItem.ToString()

    myDirectorySecurity.AddAccessRule(New FileSystemAccessRule(User, FileSystemRights.Read, AccessControlType.Deny))
    myDirectoryInfo.SetAccessControl(myDirectorySecurity)
    MessageBox.Show("Permissions Altered Successfully")

End Sub 

the line

myDirectoryInfo.SetAccessControl(myDirectorySecurity)

is giving exception as

An unhandled exception of type 'System.UnauthorizedAccessException' occurred in mscorlib.dll

I am logged in as a user with administrative rights but not administrator itself i need to block access to all users including the logged in user as well as all user including administrator

later when my program ends, i will to restore the permissions

One more requirement is that i wish to grant access to this folder one external program

AFZAL KHAN
  • 33
  • 8

1 Answers1

1

You need your app to be executed with elevated privileges.

Add an app.manifest file to your app with this content:

<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
</asmv1:assembly>
Gusman
  • 14,905
  • 2
  • 34
  • 50
  • and your app asks you for admin privileges when you execute it? – Gusman Jun 02 '16 at 03:06
  • Then you did something wrong, it must ask for admin privileges, remove the file, add it again (add -> application manifest) and set the exact content I pasted. – Gusman Jun 02 '16 at 03:11
  • When i try to run the exe it says A referral was returned from the server and does not runs – AFZAL KHAN Jun 02 '16 at 03:12
  • http://stackoverflow.com/questions/6954170/a-referral-was-returned-from-the-server-exception-when-accessing-ad-from-c-sha – Gusman Jun 02 '16 at 03:13
  • Thanks, it worked, but do u have any clue on my complete requirement, i need to block all access to this folder except for a program – AFZAL KHAN Jun 02 '16 at 03:15
  • That's going to be a big hell for you, as you first must create another user on the machine to grant that user acces to the folder and then impersonate that user and launch the program which must have acces to it, it's doable but extremely complex. Maybe if you explain what is your final goal we can think in another approach (an isolated storage? an encripted folder? there are many options depending on what you need). – Gusman Jun 02 '16 at 03:18