本文整理汇总了C#中System.Security.AccessControl.RawSecurityDescriptor类的典型用法代码示例。如果您正苦于以下问题:C# RawSecurityDescriptor类的具体用法?C# RawSecurityDescriptor怎么用?C# RawSecurityDescriptor使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
RawSecurityDescriptor类属于System.Security.AccessControl命名空间,在下文中一共展示了RawSecurityDescriptor类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: CheckBinaryConstructor
private void CheckBinaryConstructor (string expectedSddl, byte[] binary)
{
RawSecurityDescriptor sd = new RawSecurityDescriptor (binary, 0);
Assert.AreEqual (sd.BinaryLength, binary.Length);
Assert.AreEqual (expectedSddl, sd.GetSddlForm (AccessControlSections.All));
}示例2: CommonSecurityDescriptor
internal CommonSecurityDescriptor(bool isContainer, bool isDS, RawSecurityDescriptor rawSecurityDescriptor, bool trusted)
{
if (rawSecurityDescriptor == null)
{
throw new ArgumentNullException("rawSecurityDescriptor");
}
this.CreateFromParts(isContainer, isDS, rawSecurityDescriptor.ControlFlags, rawSecurityDescriptor.Owner, rawSecurityDescriptor.Group, (rawSecurityDescriptor.SystemAcl == null) ? null : new System.Security.AccessControl.SystemAcl(isContainer, isDS, rawSecurityDescriptor.SystemAcl, trusted), (rawSecurityDescriptor.DiscretionaryAcl == null) ? null : new System.Security.AccessControl.DiscretionaryAcl(isContainer, isDS, rawSecurityDescriptor.DiscretionaryAcl, trusted));
}示例3: SetProcessSecurityDescriptor
public static void SetProcessSecurityDescriptor(IntPtr hWnd)
{
RawSecurityDescriptor sd = new RawSecurityDescriptor(ControlFlags.None, new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), null, null, new RawAcl(2, 0));
sd.SetFlags(ControlFlags.DiscretionaryAclPresent | ControlFlags.DiscretionaryAclDefaulted);
byte[] rawSd = new byte[sd.BinaryLength];
sd.GetBinaryForm(rawSd, 0);
if (!NativeMethods.Advapi32.SetKernelObjectSecurity(hWnd, (int)SecurityInfos.DiscretionaryAcl, rawSd))
Console.WriteLine("Win32Exception(): {0}", new Win32Exception().Message);
}示例4: CheckSddlConstructor
private void CheckSddlConstructor (string sddl, byte[] expectedBinary)
{
RawSecurityDescriptor sd = new RawSecurityDescriptor (sddl);
Assert.GreaterOrEqual (sd.BinaryLength, 0);
byte[] buffer = new byte[sd.BinaryLength];
sd.GetBinaryForm (buffer, 0);
Assert.AreEqual (expectedBinary, buffer);
}示例5: CheckRoundTrip
private void CheckRoundTrip (string sddl)
{
RawSecurityDescriptor sd = new RawSecurityDescriptor (sddl);
byte[] buffer = new byte[sd.BinaryLength];
sd.GetBinaryForm (buffer, 0);
sd = new RawSecurityDescriptor (buffer, 0);
Assert.AreEqual (sddl, sd.GetSddlForm (AccessControlSections.All));
}示例6: ComputeAccess
public ACCESS_MASK ComputeAccess(RawSecurityDescriptor descriptor, IdentityReference identity)
{
var accessGranted = ACCESS_MASK.NONE;
// Create the Resource Manager
using (SafeAuthzRMHandle authzRM = InitializeResourceManager())
using (SafeAuthzContextHandle userClientCtxt = InitializeContextFromSid(authzRM, identity))
{
accessGranted = AccessCheck(userClientCtxt, descriptor);
}
return accessGranted;
}示例7: AllowUserAccessToCurrentProcess
public void AllowUserAccessToCurrentProcess()
{
if (originalACL == null)
return;
IntPtr hProcess = GetCurrentProcess();
// Read the DACL
var dacl = new RawSecurityDescriptor(originalACL, 0);
// Insert the new ACE
SetProcessSecurityDescriptor(hProcess, dacl);
originalACL = null;
}示例8: AccessCheck
private ACCESS_MASK AccessCheck(SafeAuthzContextHandle userClientCtxt, RawSecurityDescriptor descriptor)
{
ACCESS_MASK accessGranted;
// Prepare the Access Check request
var request = new NativeMethods.AUTHZ_ACCESS_REQUEST();
request.DesiredAccess = ACCESS_MASK.MAXIMUM_ALLOWED;
request.PrincipalSelfSid = null;
request.ObjectTypeList = IntPtr.Zero;
request.ObjectTypeListLength = 0;
request.OptionalArguments = IntPtr.Zero;
using (var grantedAccessBuffer = SafeAllocation.Create<ACCESS_MASK>())
using (var errorBuffer = SafeAllocation.Create<uint>())
{
// Prepare the access check reply
var reply = new NativeMethods.AUTHZ_ACCESS_REPLY();
reply.ResultListLength = 1;
reply.SaclEvaluationResults = IntPtr.Zero;
reply.GrantedAccessMask = grantedAccessBuffer.DangerousGetHandle();
reply.Error = errorBuffer.DangerousGetHandle();
var rawSD = new byte[descriptor.BinaryLength];
descriptor.GetBinaryForm(rawSD, 0);
if (!NativeMethods.AuthzAccessCheck(
NativeMethods.AuthzACFlags.None,
userClientCtxt,
ref request,
IntPtr.Zero,
rawSD,
null,
0,
ref reply,
IntPtr.Zero))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
accessGranted = grantedAccessBuffer.ToStructure();
}
return accessGranted;
}示例9: Init
void Init (bool isContainer, bool isDS, RawSecurityDescriptor rawSecurityDescriptor)
{
if (null == rawSecurityDescriptor)
throw new ArgumentNullException ("rawSecurityDescriptor");
SystemAcl sacl = null;
if (null != rawSecurityDescriptor.SystemAcl)
sacl = new SystemAcl (isContainer, isDS, rawSecurityDescriptor.SystemAcl);
DiscretionaryAcl dacl = null;
if (null != rawSecurityDescriptor.DiscretionaryAcl)
dacl = new DiscretionaryAcl (isContainer, isDS, rawSecurityDescriptor.DiscretionaryAcl);
Init (isContainer, isDS,
rawSecurityDescriptor.ControlFlags,
rawSecurityDescriptor.Owner,
rawSecurityDescriptor.Group,
sacl, dacl);
}示例10: AclInheritance
public void AclInheritance()
{
NtfsFileSystem ntfs = new FileSystemSource().NtfsFileSystem();
RawSecurityDescriptor sd = new RawSecurityDescriptor("O:BAG:BAD:(A;OICINP;GA;;;BA)");
ntfs.CreateDirectory("dir");
ntfs.SetSecurity("dir", sd);
ntfs.CreateDirectory(@"dir\subdir");
RawSecurityDescriptor inheritedSd = ntfs.GetSecurity(@"dir\subdir");
Assert.NotNull(inheritedSd);
Assert.AreEqual("O:BAG:BAD:(A;ID;GA;;;BA)", inheritedSd.GetSddlForm(AccessControlSections.All));
using (ntfs.OpenFile(@"dir\subdir\file", FileMode.Create, FileAccess.ReadWrite)) { }
inheritedSd = ntfs.GetSecurity(@"dir\subdir\file");
Assert.NotNull(inheritedSd);
Assert.AreEqual("O:BAG:BAD:", inheritedSd.GetSddlForm(AccessControlSections.All));
}示例11: GetSecurityDescriptor
public RawSecurityDescriptor GetSecurityDescriptor()
{
if (string.IsNullOrEmpty(path))
{
throw new ArgumentException("Path cannot be null or whitespace.", "path");
}
FileSystemSecurity security;
if (!TryGetFileSecurity(path, AccessSectionsNeeded, out security))
{
if (!TryGetDirectorySecurity(path, AccessSectionsNeeded, out security))
{
throw new ArgumentException("The path must be an existing file or directory.", path);
}
}
var descriptorBinaryForm = security.GetSecurityDescriptorBinaryForm();
var descriptor = new RawSecurityDescriptor(descriptorBinaryForm, 0);
return descriptor;
}示例12: DecodeSsdl
public static string DecodeSsdl(string ssdlStr, StringBuilder decodeBuffer,
StringBuilder domainBuffer, StringBuilder usernameBuffer, ref int formatted)
{
try
{
var ssdl = new RawSecurityDescriptor(ssdlStr);
++formatted;
decodeBuffer.Remove(0, decodeBuffer.Length);
decodeBuffer.Append("ControlFlags=")
.Append(ssdl.ControlFlags)
.Append("; ResourceManagerControlBits=")
.Append(ssdl.ResourceManagerControl);
if (ssdl.Group != null)
decodeBuffer.Append("; Group=").Append(ssdl.Group);
if (ssdl.Owner != null)
decodeBuffer.Append("; Owner=").Append(ssdl.Owner);
if (ssdl.DiscretionaryAcl != null)
{
foreach (var acl in ssdl.DiscretionaryAcl)
{
decodeBuffer.Append("; DiscretionaryAcl");
DecodeAcl(acl, decodeBuffer, domainBuffer, usernameBuffer);
}
}
if (ssdl.SystemAcl != null)
{
foreach (var acl in ssdl.SystemAcl)
{
decodeBuffer.Append("; SystemAcl");
DecodeAcl(acl, decodeBuffer, domainBuffer, usernameBuffer);
}
}
return decodeBuffer.ToString();
}
catch
{
return ssdlStr;
}
}示例13: Create
public static VirtualHardDisk Create(string filename, ulong maximumSize,
VirtualStorageDeviceTypes deviceType = VirtualStorageDeviceTypes.Vhd,
VirtualDiskAccessMasks mask = VirtualDiskAccessMasks.All, RawSecurityDescriptor securityDescriptor = null,
CreateVirtualDiskFlags flags = CreateVirtualDiskFlags.None, uint providerSpecificFlags = 0,
Guid uniqueId = default(Guid), uint blockSizeInBytes = 0, uint sectorSizeInBytes = 0,
string parentPath = null, string sourcePath = null, Overlapped overlapped = null)
{
if ()
var storageType = new VirtualStorageType {DeviceId = deviceType};
var parameters = new CreateVirtualDiskParameters
{
Version = CreateVirtualDiskVersions.Version1,
Version1 = new CreateVirtualDiskParametersVersion1
{
UniqueId = uniqueId,
MaximumSize = maximumSize,
BlockSizeInBytes = blockSizeInBytes,
SectorSizeInBytes = sectorSizeInBytes,
ParentPath = parentPath,
SourcePath = sourcePath
}
};
var handle = VirtualDiskCore.CreateVirtualDisk(storageType, filename, mask, securityDescriptor, flags,
providerSpecificFlags, parameters, overlapped);
var vhd = new VirtualHardDisk(filename, handle);
// ReSharper disable once InvertIf
if (vhd.VirtualStorageType.DeviceId == VirtualStorageDeviceTypes.Iso)
{
vhd.Dispose();
throw new NotSupportedException("This class does not support ISO files.");
}
return vhd;
}示例14: EffectiveAccess
public EffectiveAccess(string path,
string targetMachine,
RawSecurityDescriptor shareSD,
SecurityIdentifier userSid,
SecurityIdentifier deviceSid,
ClaimValueDictionary userClaims,
ClaimValueDictionary deviceClaims,
GroupsCollection userGroups,
GroupsCollection deviceGroups)
{
if (string.IsNullOrEmpty(targetMachine) && shareSD != null)
{
throw new ArgumentException("targetMachine must be value when shareSD is not-empty", "targetMachine");
}
handle = NativeMethods.CreateFile(path,
NativeMethods.FileAccess.GenericRead,
NativeMethods.FileShare.Read
| NativeMethods.FileShare.Write
| NativeMethods.FileShare.Delete,
IntPtr.Zero,
NativeMethods.FileMode.OpenExisting,
NativeMethods.FileFlagAttrib.BackupSemantics,
IntPtr.Zero);
if (handle.IsInvalid)
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
this.targetMachine = targetMachine;
this.shareSD = shareSD;
this.userSid = userSid;
this.deviceSid = deviceSid;
this.userClaims = userClaims;
this.deviceClaims = deviceClaims;
this.userGroups = userGroups;
this.deviceGroups = deviceGroups;
}示例15: CreateFromParts
private void CreateFromParts(bool isContainer, bool isDS, System.Security.AccessControl.ControlFlags flags, SecurityIdentifier owner, SecurityIdentifier group, System.Security.AccessControl.SystemAcl systemAcl, System.Security.AccessControl.DiscretionaryAcl discretionaryAcl)
{
if ((systemAcl != null) && (systemAcl.IsContainer != isContainer))
{
throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "systemAcl");
}
if ((discretionaryAcl != null) && (discretionaryAcl.IsContainer != isContainer))
{
throw new ArgumentException(Environment.GetResourceString(isContainer ? "AccessControl_MustSpecifyContainerAcl" : "AccessControl_MustSpecifyLeafObjectAcl"), "discretionaryAcl");
}
this._isContainer = isContainer;
if ((systemAcl != null) && (systemAcl.IsDS != isDS))
{
throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "systemAcl");
}
if ((discretionaryAcl != null) && (discretionaryAcl.IsDS != isDS))
{
throw new ArgumentException(Environment.GetResourceString(isDS ? "AccessControl_MustSpecifyDirectoryObjectAcl" : "AccessControl_MustSpecifyNonDirectoryObjectAcl"), "discretionaryAcl");
}
this._isDS = isDS;
this._sacl = systemAcl;
if (discretionaryAcl == null)
{
discretionaryAcl = System.Security.AccessControl.DiscretionaryAcl.CreateAllowEveryoneFullAccess(this._isDS, this._isContainer);
}
this._dacl = discretionaryAcl;
System.Security.AccessControl.ControlFlags flags2 = flags | System.Security.AccessControl.ControlFlags.DiscretionaryAclPresent;
if (systemAcl == null)
{
flags2 &= ~System.Security.AccessControl.ControlFlags.SystemAclPresent;
}
else
{
flags2 |= System.Security.AccessControl.ControlFlags.SystemAclPresent;
}
this._rawSd = new RawSecurityDescriptor(flags2, owner, group, (systemAcl == null) ? null : systemAcl.RawAcl, discretionaryAcl.RawAcl);
}