Export (0) Print
Expand All

FileSystemSecurity Class

Note: This class is new in the .NET Framework version 2.0.

Represents the access control and audit security for a file or directory.

Namespace: System.Security.AccessControl
Assembly: mscorlib (in mscorlib.dll)

public abstract class FileSystemSecurity : NativeObjectSecurity
public abstract class FileSystemSecurity extends NativeObjectSecurity
public abstract class FileSystemSecurity extends NativeObjectSecurity

The FileSystemSecurity class is the base class for the FileSecurity and DirectorySecurity classes. These classes represent all of the access rights for a system file or directory and define how access attempts are audited.

The FileSystemSecurity class represents access and audit rights as a set of rules. Each access rule is represented by a FileSystemAccessRule object, while each audit rule is represented by a FileSystemAuditRule object.

The FileSystemSecurity class is an abstraction of the underlying Microsoft Windows file security system. In this system, each file or directory has a discretionary access control list (DACL), which controls access to the file or directory, and a system access control list (SACL), which specifies the access control attempts that are audited. The FileSystemAccessRule and FileSystemAuditRule classes are abstractions of access control entries (ACEs) that comprise DACLs and SACLs.

The FileSystemSecurity class hides many of details of DACLs and SACLs; you do not have to worry about ACE ordering or null DACLS.

To persist new or changed access control list (ACL) information to a file, use the SetAccessControl or SetAccessControl method. To persist new or changed ACL information to a directory, use the SetAccessControl or SetAccessControl method.

To retrieve ACL information from a file, use the GetAccessControl or GetAccessControl method. To retrieve ACL information from a directory, use the GetAccessControl or GetAccessControl method.

The following code example uses the FileSecurity class to add and then remove an access control list (ACL) entry from a file. You must supply a valid user or group account to run this example.

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class FileExample
    {
        public static void Main()
        {
            try
            {
                string fileName = "test.xml";

                Console.WriteLine("Adding access control entry for " 
                    + fileName);

                // Add the access control entry to the file.
                AddFileSecurity(fileName, @"DomainName\AccountName",
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " 
                    + fileName);

                // Remove the access control entry from the file.
                RemoveFileSecurity(fileName, @"DomainName\AccountName", 
                    FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }
        }

        // Adds an ACL entry on the specified file for the specified account.
        public static void AddFileSecurity(string fileName, string account, 
            FileSystemRights rights, AccessControlType controlType)
        {
            

            // Get a FileSecurity object that represents the 
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings. 
            fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }

        // Removes an ACL entry on the specified file for the specified account.
        public static void RemoveFileSecurity(string fileName, string account, 
            FileSystemRights rights, AccessControlType controlType)
        {

            // Get a FileSecurity object that represents the 
            // current security settings.
            FileSecurity fSecurity = File.GetAccessControl(fileName);

            // Add the FileSystemAccessRule to the security settings. 
            fSecurity.RemoveAccessRule(new FileSystemAccessRule(account,
                rights, controlType));

            // Set the new access settings.
            File.SetAccessControl(fileName, fSecurity);

        }
    }
}

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0

Community Additions

ADD
Show:
© 2014 Microsoft