Remove access to admin from deleting the file in C#

62

Remove access to admin from deleting the file in C# - 

try
{
       // Way safer than string comparison against "BUILTIN\\Administrators"
       IdentityReference BuiltinAdministrators = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
       IdentityReference AuthenticatedUsers = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);

       FileSecurity FileACL = File.GetAccessControl("database.sdf"); // Grab ACL from file

       if (FileACL.GetOwner(typeof(SecurityIdentifier)) != BuiltinAdministrators) // Check if correct owner is set
       {
             FileACL.SetOwner(BuiltinAdministrators); // If not, make it so!
       }

       foreach (FileSystemAccessRule fsRule in FileACL.GetAccessRules(true, true, typeof(SecurityIdentifier)))
       {
             if ((fsRule.FileSystemRights & FileSystemRights.Delete) == FileSystemRights.Delete ||
                    (fsRule.FileSystemRights & FileSystemRights.ChangePermissions) == FileSystemRights.ChangePermissions) // Check if rule grants delete or change permissions
             {
                  FileACL.RemoveAccessRule(fsRule); // If so, nuke it!
             }
       }

       // Add explicit rules
       FileACL.AddAccessRule(new FileSystemAccessRule(BuiltinAdministrators, FileSystemRights.FullControl, AccessControlType.Allow));
       FileACL.AddAccessRule(new FileSystemAccessRule(AuthenticatedUsers, FileSystemRights.Delete, AccessControlType.Deny));
       FileACL.AddAccessRule(new FileSystemAccessRule(AuthenticatedUsers, FileSystemRights.ChangePermissions, AccessControlType.Deny));
       FileACL.AddAccessRule(new FileSystemAccessRule(AuthenticatedUsers, FileSystemRights.Read, AccessControlType.Allow));
       FileACL.AddAccessRule(new FileSystemAccessRule(AuthenticatedUsers, FileSystemRights.Write, AccessControlType.Allow));

       FileACL.SetAccessRuleProtection(true, false); // Enable protection from inheritance, remove existing inherited rules
       File.SetAccessControl("database.sdf", FileACL); // Write ACL back to file
   }
   catch { }

Comments

Submit
0 Comments

More Questions

url()- full() laravelhow to print in c# c# how to sort a list
print in c#get mouse position unity c# initialize array
string to int c#Retrieve url path Generate Random String
string to date vbmodal bootstrap style abril modal boostrap
c# serialize jsonboostrap 4 modal small modal popup bootstrap
model in bootsrap 4bootstrap modal popup c# random string
c sharp split stringstring to json c# laravel get current url
how get url in laravelhow to generate random letters in C# string to date
laravel route redirectcheck if two date ranges overlap c# Console.WriteLine($Hello Ana.ToUpper($)!);
phone number regex in c#list min and Max value in c# check shell command success
attribute c# get method name reflectionc# how to get screen resolution in class how to make dissapear an object in unity
wpf label text in centerhahhaa i hack u difference between all logging framework .NET Core
new color unityc# count files in directory and subdirectories Hello World Dotnet
import tachyons in reactHow can I cast string to enum .net core add header to soap request
open html file in browser using c++git find commits by message c# generate random date
how to get angular on visual studio macdotnet core encryption and decryption asp.net list all files in folder
C
CSS
Objective-C
PHP
Java
C++
Javascript
Html
Python
SQL
Swift
Ruby
Go
R
TypeScript
Kotlin
Assembly
VBA
Scala
Rust
Elixir
Dart
Haskell
Perl
Fortran
Matlab
Scheme
Julia
Lua
Delphi
Pascal
Solidity
BASIC
ActionScript
Csharp