Some people are thinking better to ask for forgiveness then permissions?
In the modern computing environment, file level permissions are important in operating systems. We do not interact with them directly in most instances in our normal everyday lives. Most of us can create an administrator account, yet know little to nothing
about how we can limit a person?s specific permissions except for technical gurus, IT users, or power users. So, how can we limit a
person's specific permissions depending on his account and privileges. I will explain how to change file level permissions below in
Figure 1: Retrieving users and adding to lstUsers list box.
"Get access control for file"
OpenFileDialog1.ShowDialog = Windows.Forms.DialogResult.OK
filename = OpenFileDialog1.FileName
fs = fi.GetAccessControl
Type = Type.
The second step in the tutorial is to view permissions for a specific user.
As you can see in Example 2, I have selected the user test and his allow and deny permissions to the file show up.
Notice how user test does not have any deny permissions? This is not a code error. In fact, he does not have any revoked or denied permissions at all.
In Figure 2, I show the code for lstUsers_SelectedIndexChangedEvent which shows the permissions for a specific user that is selected from the list.
Figure 2 - lstUsers_SelectedIndexChanged
user = lstUsers.SelectedItem.ToString
AuthRule.IdentityReference.Value.ToString = lstUsers.SelectedItem.ToString
FileSystemRights.FullControl) = FileSystemRights.FullControl
lstAllowPermissions.SetItemChecked(lstAllowPermissions.Items.Count - 1,
lstDenyPermissions.SetItemChecked(lstDenyPermissions.Items.Count - 1,
FileSystemRights.Modify) = FileSystemRights.Modify
?... more permissions can be added here
In this section, permissions are added or removed/denied but are not set on the file.We will be adding new permissions to allow or deny permission lists. The next code section will show how to actually set the new permissions we selected for the file. In
Figure 3, permissions are added to allow or deny lists depending upon what is selected in the cboACLType list box. In Figure 4, the code is displayed for removing currently displayed Allow or Deny permissions. Note: you must remove the permission before changing
to the next user or changes may be lost. To remove an item, uncheck it in the list box And click Remove Permissions.
Example 3: Add New Allow or Deny Permissions
lstAllowPermissions.Items.IndexOf(cboPermissionList.SelectedItem) = -1
lstUsers.SelectedIndex <> -1
'filename must be something or a files properties have not been loaded
lstDenyPermissions.Items.IndexOf(cboPermissionList.SelectedItem) = -1
Figure 4 – showing how the deny permissions were applied to the file.
In Example 4, see how the Permission Entry for devices (devices.txt file) Dialog above is showing only the Deny permission of List Directory Contents and there is a new Deny rule added. The new rule is added when the List folder permission is changed to
deny. This rule is only applied though when we click BtnSet Permissions (also called the Set Permissions button) before moving onto the next user. Note: these are local file permissions and do not include changing any active directory permissions.
This file is an authorized copy of the following article by the same author: Better to ask for permission Then forgiveness codeproject original article.
The formatting of this Wiki article maybe be improved or different compared to the original version.
For code highlighting, try pasting the code into a Word document, then copying that and using "Paste from Word".
After that you have to identify the rgb codes in the html and replace them with color names, i.e. blue, tomato, darkcyan, etc
Please change heading of the article put heading relevant to what you are doing instead of using a adage
Paul, its a matter of it shows up correctly in design view before I submit it but does not save the formatting back afterwards.
The thinker you changed total formatting which I tried fixing. Can you look at your article at top why so much space and please change Article heading it has no meaning.
Spanky_621 should be fixed now.
Explanation of the Title Pun (so I do not have to remove it): I am working on a security permissions how-to, so I tried to use a nice title. The title refers to how sometimes we need to test basic security features or create test scenarios to know that security is working. @Shanky_621, I could change it but do you have a better one to replace it? As far as it goes, I could add a section in explaining it. Everyone who edited good job!
Peter Geelen - MSFT edited Revision 28. Comment: Fixed HTML code issues, standardized format, set correct references
This article was highlighted in the TechNet Wiki Ninja Top Contributors weekly blog , Most Revised Article Award, 15/06/2014 - blogs.technet.com/.../top-contributors-awards-analysing-messages-ghosts-amp-mysteries-a-strange-case-to-solve-plus-small-basic-home-projects-and-asking-for-forgiveness-or-permission.aspx
This article was add to the TechNet Wiki Magazine