本文整理匯總了C#中System.Security.AccessControl.DiscretionaryAcl.AddAccess方法的典型用法代碼示例。如果您正苦於以下問題:C# DiscretionaryAcl.AddAccess方法的具體用法?C# DiscretionaryAcl.AddAccess怎麽用?C# DiscretionaryAcl.AddAccess使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類System.Security.AccessControl.DiscretionaryAcl
的用法示例。
在下文中一共展示了DiscretionaryAcl.AddAccess方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C#代碼示例。
示例1: CreateAllowEveryoneFullAccess
internal static DiscretionaryAcl CreateAllowEveryoneFullAccess(bool isDS, bool isContainer)
{
DiscretionaryAcl acl = new DiscretionaryAcl(isContainer, isDS, 1);
acl.AddAccess(AccessControlType.Allow, _sidEveryone, -1, isContainer ? (InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit) : InheritanceFlags.None, PropagationFlags.None);
acl.everyOneFullAccessForNullDacl = true;
return acl;
}
示例2: IpcStore
static IpcStore()
{
var dacl = new DiscretionaryAcl(false, false, 1);
dacl.AddAccess(AccessControlType.Allow, new SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, null), -1, InheritanceFlags.None, PropagationFlags.None);
dacl.AddAccess(AccessControlType.Allow, new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null), -1, InheritanceFlags.None, PropagationFlags.None);
dacl.AddAccess(AccessControlType.Allow, new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), -1, InheritanceFlags.None, PropagationFlags.None);
IpcAcl = new CommonSecurityDescriptor(false, false, ControlFlags.GroupDefaulted | ControlFlags.OwnerDefaulted | ControlFlags.DiscretionaryAclPresent, null, null, null, dacl);
}
示例3: CreateSecurityDescriptor
internal static CommonSecurityDescriptor CreateSecurityDescriptor(SecurityIdentifier userSid)
{
SecurityIdentifier sid = new SecurityIdentifier(networkSidSddlForm);
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 1);
// Deny all access to NetworkSid
dacl.AddAccess(AccessControlType.Deny, sid, -1, InheritanceFlags.None, PropagationFlags.None);
if (userSid != null)
dacl.AddAccess(AccessControlType.Allow, userSid, -1, InheritanceFlags.None, PropagationFlags.None);
// Add access to the current user creating the pipe
dacl.AddAccess(AccessControlType.Allow, WindowsIdentity.GetCurrent().User, -1, InheritanceFlags.None, PropagationFlags.None);
// Initialize and return the CommonSecurityDescriptor
return new CommonSecurityDescriptor(false, false, ControlFlags.OwnerDefaulted | ControlFlags.GroupDefaulted | ControlFlags.DiscretionaryAclPresent, null, null, null, dacl);;
}
示例4: AddAccessObjectAceNonDSFailsEvenIfObjectAceFlagsNoneImplyingCommonAce
public void AddAccessObjectAceNonDSFailsEvenIfObjectAceFlagsNoneImplyingCommonAce ()
{
SecurityIdentifier sid = new SecurityIdentifier ("BA");
DiscretionaryAcl dacl = new DiscretionaryAcl (false, false, 0);
dacl.AddAccess (AccessControlType.Allow, sid, 1, InheritanceFlags.None, PropagationFlags.None,
ObjectAceFlags.None, Guid.Empty, Guid.Empty);
}
示例5: EditDacl
private static void EditDacl(DiscretionaryAcl dacl, SecurityIdentifier account, int right, bool add)
{
if (add)
{
dacl.AddAccess(AccessControlType.Allow, account, right, InheritanceFlags.None, PropagationFlags.None);
}
else
{
dacl.RemoveAccess(AccessControlType.Allow, account, right, InheritanceFlags.None, PropagationFlags.None);
}
}
示例6: AddAccessCommonAce
public void AddAccessCommonAce ()
{
SecurityIdentifier sid = new SecurityIdentifier ("BA");
DiscretionaryAcl dacl = new DiscretionaryAcl (false, false, 0);
dacl.AddAccess (AccessControlType.Allow, sid, 1, InheritanceFlags.None, PropagationFlags.None);
Assert.AreEqual (1, dacl.Count);
CommonAce ace = (CommonAce)dacl[0];
Assert.AreEqual (1, ace.AccessMask);
Assert.AreEqual ("S-1-5-32-544", ace.SecurityIdentifier.Value);
Assert.IsFalse (ace.IsInherited);
}
示例7: AddAccessFailsOnNonCanonical
public void AddAccessFailsOnNonCanonical ()
{
SecurityIdentifier sid = new SecurityIdentifier ("BU");
RawAcl acl = new RawAcl (RawAcl.AclRevision, 0);
acl.InsertAce (0, new CommonAce (AceFlags.None, AceQualifier.AccessAllowed, 1, sid, false, null));
acl.InsertAce (1, new CommonAce (AceFlags.None, AceQualifier.AccessDenied, 1, sid, false, null));
DiscretionaryAcl dacl = new DiscretionaryAcl (false, false, acl);
Assert.IsFalse (dacl.IsCanonical);
Assert.AreEqual (2, dacl.Count);
dacl.AddAccess (AccessControlType.Allow, sid, 1, InheritanceFlags.None, PropagationFlags.None);
}
示例8: FromSecurityIdentifiersFull
private static byte[] FromSecurityIdentifiersFull(List<SecurityIdentifier> allowedSids, int accessRights)
{
int capacity = (allowedSids == null) ? 3 : (2 + allowedSids.Count);
DiscretionaryAcl discretionaryAcl = new DiscretionaryAcl(false, false, capacity);
discretionaryAcl.AddAccess(AccessControlType.Deny, new SecurityIdentifier(WellKnownSidType.NetworkSid, null), 0x10000000, InheritanceFlags.None, PropagationFlags.None);
int accessMask = GenerateClientAccessRights(accessRights);
if (allowedSids == null)
{
discretionaryAcl.AddAccess(AccessControlType.Allow, new SecurityIdentifier(WellKnownSidType.WorldSid, null), accessMask, InheritanceFlags.None, PropagationFlags.None);
}
else
{
for (int i = 0; i < allowedSids.Count; i++)
{
SecurityIdentifier sid = allowedSids[i];
discretionaryAcl.AddAccess(AccessControlType.Allow, sid, accessMask, InheritanceFlags.None, PropagationFlags.None);
}
}
discretionaryAcl.AddAccess(AccessControlType.Allow, GetProcessLogonSid(), accessRights, InheritanceFlags.None, PropagationFlags.None);
CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor(false, false, ControlFlags.None, null, null, null, discretionaryAcl);
byte[] binaryForm = new byte[descriptor.BinaryLength];
descriptor.GetBinaryForm(binaryForm, 0);
return binaryForm;
}
示例9: GetDacl
private static DiscretionaryAcl GetDacl(SecurityIdentifier securityIdentifiers)
{
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 16);
dacl.AddAccess(AccessControlType.Allow, securityIdentifiers, GenericExecute, InheritanceFlags.None, PropagationFlags.None);
return dacl;
}
示例10: EnsureServiceAclsCorrect
internal static void EnsureServiceAclsCorrect()
{
var psd = new byte[0];
uint bufSizeNeeded;
var ok = Advapi32.QueryServiceObjectSecurity(Controller.Value.ServiceHandle, SecurityInfos.DiscretionaryAcl, psd, 0, out bufSizeNeeded);
if (!ok) {
int err = Marshal.GetLastWin32Error();
if (err == 122) {
// ERROR_INSUFFICIENT_BUFFER
// expected; now we know bufsize
psd = new byte[bufSizeNeeded];
ok = Advapi32.QueryServiceObjectSecurity(
Controller.Value.ServiceHandle, SecurityInfos.DiscretionaryAcl, psd, bufSizeNeeded, out bufSizeNeeded);
} else {
throw new ApplicationException("error calling QueryServiceObjectSecurity() to get DACL for Service: error code=" + err);
}
}
if (!ok) {
throw new ApplicationException("error calling QueryServiceObjectSecurity(2) to get DACL for Service: error code=" + Marshal.GetLastWin32Error());
}
// get security descriptor via raw into DACL form so ACE
// ordering checks are done for us.
var rsd = new RawSecurityDescriptor(psd, 0);
var dacl = new DiscretionaryAcl(false, false, rsd.DiscretionaryAcl);
dacl.AddAccess(AccessControlType.Allow, new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), (int)ServiceAccess.ServiceCoapp, InheritanceFlags.None, PropagationFlags.None);
// convert discretionary ACL back to raw form; looks like via byte[] is only way
var rawdacl = new byte[dacl.BinaryLength];
dacl.GetBinaryForm(rawdacl, 0);
rsd.DiscretionaryAcl = new RawAcl(rawdacl, 0);
// set raw security descriptor on service again
var rawsd = new byte[rsd.BinaryLength];
rsd.GetBinaryForm(rawsd, 0);
ok = Advapi32.SetServiceObjectSecurity(Controller.Value.ServiceHandle, SecurityInfos.DiscretionaryAcl, rawsd);
if (!ok) {
throw new ApplicationException("error calling SetServiceObjectSecurity(); error code=" + Marshal.GetLastWin32Error());
}
}
示例11: GetServerPipeSecurity
internal static CommonSecurityDescriptor GetServerPipeSecurity()
{
// Built-in Admin SID
SecurityIdentifier adminSID = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 1);
dacl.AddAccess(
AccessControlType.Allow,
adminSID,
_pipeAccessMaskFullControl,
InheritanceFlags.None,
PropagationFlags.None);
CommonSecurityDescriptor securityDesc = new CommonSecurityDescriptor(
false, false,
ControlFlags.DiscretionaryAclPresent | ControlFlags.OwnerDefaulted | ControlFlags.GroupDefaulted,
null, null, null, dacl);
// Conditionally add User SID
bool isAdminElevated = new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
if (!isAdminElevated)
{
securityDesc.DiscretionaryAcl.AddAccess(
AccessControlType.Allow,
WindowsIdentity.GetCurrent().User,
_pipeAccessMaskFullControl,
InheritanceFlags.None,
PropagationFlags.None);
}
return securityDesc;
}
示例12: Register
public void Register(bool useIPC, bool useTCP, bool useHTTP)
{
// データベースの復元
try
{
Database.Instance.Load();
}
catch (Exception)
{
// 最初は必ず失敗する
}
// IPCを使うと、コネクションが殘りっぱなしになったときに、不具合が起こる。
// PCをスタンバイさせるとまずいので、IPCは使わない方がいい。
if (useIPC)
{
// IPCを使うときは、サーバ側でACLを設定しないとダメみたい。
// ここのサンプルをコピーして使用。
// http://msdn2.microsoft.com/en-us/library/ms180985(vs.80).aspx
IDictionary props = new Hashtable();
props["portName"] = AppSettings.Instance.ObjectUri;
// This is the wellknown sid for network sid
string networkSidSddlForm = @"S-1-5-2";
// Local administrators sid
SecurityIdentifier localAdminSid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
// Local Power users sid
SecurityIdentifier powerUsersSid = new SecurityIdentifier(WellKnownSidType.BuiltinPowerUsersSid, null);
// Network sid
SecurityIdentifier networkSid = new SecurityIdentifier(networkSidSddlForm);
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 1);
// Disallow access from off machine
dacl.AddAccess(AccessControlType.Deny, networkSid, -1, InheritanceFlags.None, PropagationFlags.None);
// Allow acces only from local administrators and power users
dacl.AddAccess(AccessControlType.Allow, localAdminSid, -1, InheritanceFlags.None, PropagationFlags.None);
dacl.AddAccess(AccessControlType.Allow, powerUsersSid, -1, InheritanceFlags.None, PropagationFlags.None);
CommonSecurityDescriptor securityDescriptor =
new CommonSecurityDescriptor(false, false,
ControlFlags.GroupDefaulted |
ControlFlags.OwnerDefaulted |
ControlFlags.DiscretionaryAclPresent,
null, null, null, dacl);
// IPC Channelを作成
_ipcChannel = new IpcServerChannel(props, null, securityDescriptor);
ChannelServices.RegisterChannel(_ipcChannel, false);
}
if (useHTTP)
{
// HTTP Channelを作成
_httpChannel = new HttpServerChannel(AppSettings.Instance.HttpPort);
ChannelServices.RegisterChannel(_httpChannel, false);
}
if (useTCP)
{
// TCP Channelを作成
_tcpChannel = new TcpServerChannel(AppSettings.Instance.TcpPort);
ChannelServices.RegisterChannel(_tcpChannel, true);
}
RemotingConfiguration.RegisterWellKnownServiceType(typeof(IRmainteImpl), AppSettings.Instance.ObjectUri, WellKnownObjectMode.Singleton);
}
示例13: getDacl
private static DiscretionaryAcl getDacl(List<SecurityIdentifier> securityIdentifiers)
{
DiscretionaryAcl dacl = new DiscretionaryAcl(false, false, 16);
foreach (SecurityIdentifier sec in securityIdentifiers)
{
dacl.AddAccess(AccessControlType.Allow, sec, GENERIC_EXECUTE, InheritanceFlags.None, PropagationFlags.None);
}
return dacl;
}
示例14: FactoryCallTest
TestSecurity FactoryCallTest (bool objectAce)
{
SecurityIdentifier sid = new SecurityIdentifier ("WD");
DiscretionaryAcl dacl = new DiscretionaryAcl (true, true, 1);
dacl.AddAccess (AccessControlType.Allow, sid, 1,
InheritanceFlags.None, PropagationFlags.None,
objectAce ? ObjectAceFlags.ObjectAceTypePresent : ObjectAceFlags.None,
Guid.NewGuid (), Guid.Empty);
CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor
(true, true, ControlFlags.None, null, null, null, dacl);
TestSecurity security = new TestSecurity (descriptor);
security.GetAccessRules (true, true, typeof (SecurityIdentifier));
return security;
}
示例15: PropagationFlagsRequireInheritanceFlagsForAdd
public void PropagationFlagsRequireInheritanceFlagsForAdd ()
{
SecurityIdentifier sid = new SecurityIdentifier ("BU");
DiscretionaryAcl dacl = new DiscretionaryAcl (true, false, 0);
dacl.AddAccess (AccessControlType.Allow, sid, 3, InheritanceFlags.None, PropagationFlags.InheritOnly);
}