如何重置和删除账号的ACL权限?
How to reset and delete ACL permissions for account?
OS Windows 7 SP1 x64
我为某个帐户设置了我的文件夹的 ACL 权限:
var accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.Modify,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = directoryinfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(accessRule);
// Set the new access settings.
directoryinfo.SetAccessControl(dSecurity);
在这种情况下,我允许读取和写入帐户。它工作正常。
但后来我想更改该帐户的权限:允许只读权限。我使用这样的代码:
var accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.ReadAndExecute,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = directoryinfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(accessRule);
// Set the new access settings.
directoryinfo.SetAccessControl(dSecurity);
但该帐户仍然具有写入权限。我该如何解决?另外,当我以后想删除该帐户的 ACL 权限时,我该如何删除?
很简单:
dSecurity = directoryinfo.GetAccessControl();
accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.ReadAndExecute,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
dSecurity.SetAccessRule(accessRule);
directoryinfo.SetAccessControl(dSecurity);
并删除:
dSecurity = directoryinfo.GetAccessControl();
accessRule = new FileSystemAccessRule(account, 0, 0);
dSecurity.RemoveAccessRuleAll(accessRule);
directoryinfo.SetAccessControl(dSecurity);
请注意,即使 account 没有访问规则,SetAccessRule 也会起作用(因此它甚至可以用于初始 Add)
OS Windows 7 SP1 x64
我为某个帐户设置了我的文件夹的 ACL 权限:
var accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.Modify,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = directoryinfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(accessRule);
// Set the new access settings.
directoryinfo.SetAccessControl(dSecurity);
在这种情况下,我允许读取和写入帐户。它工作正常。
但后来我想更改该帐户的权限:允许只读权限。我使用这样的代码:
var accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.ReadAndExecute,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = directoryinfo.GetAccessControl();
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(accessRule);
// Set the new access settings.
directoryinfo.SetAccessControl(dSecurity);
但该帐户仍然具有写入权限。我该如何解决?另外,当我以后想删除该帐户的 ACL 权限时,我该如何删除?
很简单:
dSecurity = directoryinfo.GetAccessControl();
accessRule = new FileSystemAccessRule(account,
fileSystemRights: FileSystemRights.ReadAndExecute,
inheritanceFlags: InheritanceFlags.ContainerInherit |
InheritanceFlags.ObjectInherit,
propagationFlags: PropagationFlags.None,
type: AccessControlType.Allow);
dSecurity.SetAccessRule(accessRule);
directoryinfo.SetAccessControl(dSecurity);
并删除:
dSecurity = directoryinfo.GetAccessControl();
accessRule = new FileSystemAccessRule(account, 0, 0);
dSecurity.RemoveAccessRuleAll(accessRule);
directoryinfo.SetAccessControl(dSecurity);
请注意,即使 account 没有访问规则,SetAccessRule 也会起作用(因此它甚至可以用于初始 Add)