1

I'm trying to modify some of the permissions on a file for the current users account (i.e. I'm currently debugging this, so my account).

In case it helps, my user shows up as FirstName LastName (email@domain) in the Properties > Security window.
I've tried the following, but can't seem to get the right one. I kinda feel like I'm just taking random shots in the dark at this point... Neither rule 1 nor rule2 work, any the rest of the Sids don't stand out as being the correct one to me, but I'm hoping I'm overlooking something.

public static void AddUserPermission(string filePath)
{
    FileSecurity fs = File.GetAccessControl(filePath);

    //This adds a "Domain Users" group...
    FileSystemAccessRule rule1 = new FileSystemAccessRule(
        new SecurityIdentifier(WellKnownSidType.AccountDomainUsersSid, WindowsIdentity.GetCurrent().User.AccountDomainSid), FileSystemRights.Modify, AccessControlType.Deny);

    //Adds a "BUILTIN" group...
    FileSystemAccessRule rule2 = new FileSystemAccessRule(
        new SecurityIdentifier(WellKnownSidType.BuiltinDomainSid, null), FileSystemRights.Modify, AccessControlType.Deny);

    fs.AddAccessRule(rule1);
    fs.AddAccessRule(rule2);

    File.SetAccessControl(filePath, fs);
}
Broots Waymb
  • 4,713
  • 3
  • 28
  • 51
  • Have you tried using the account name instead of the AccountDomainSid? Basically don't use SecurityIdentifier but rather follow this...https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemaccessrule(v=vs.110).aspx – user1628733 Feb 01 '17 at 17:04
  • @user1628733 - That link using `Environment.UserName` (apparently without my domain) seems to work. If you want to post that as an answer I'll accept. Not sure if it'll work for everyone my app gets distributed to, but that's a question for another day. – Broots Waymb Feb 01 '17 at 17:29

0 Answers0