ACLs (access control lists) are the mechanism for securing resources such as
files and directories in the NTFS file system (the file system used by
Windows XP, NT 4.0, Windows 2000 and Windows 2003). Through access control
lists we can change who has access to a file or directory. We can view a
file's access control list by selecting the Security tab in the file's
properties dialog. Using the new System.Security.AccessControl namespace in
the .NET Framework, we can query the file system for the ACL information and
display it in a web page.
Listing 2
    // Requires: using System.IO; using System.Security.AccessControl;
    //           using System.Security.Principal; using System.Web.UI.WebControls;
    private void ShowACLInfo()
    {
        // Read the security descriptor (owner and ACL) of the file.
        System.Security.AccessControl.FileSecurity fSec = File.GetAccessControl(
            "C:/Documents and Settings/Sanjit Sil/Test.txt");

        // Show the owner, translated to a DOMAIN\name account.
        this.lblOwner.Text =
            fSec.GetOwner(typeof(System.Security.Principal.NTAccount)).Value;

        // Fetch both explicit and inherited access rules.
        AuthorizationRuleCollection author = fSec.GetAccessRules(
            true, true, typeof(System.Security.Principal.NTAccount));

        TableCell tc;
        TableHeaderCell thc;

        // Build the header row once and add it to the table once.
        TableRow trr = new TableRow();
        thc = new TableHeaderCell();
        thc.Text = "Control Type";
        trr.Cells.Add(thc);
        thc = new TableHeaderCell();
        thc.Text = "Identity";
        trr.Cells.Add(thc);
        thc = new TableHeaderCell();
        thc.Text = "Inheritance Flags";
        trr.Cells.Add(thc);
        thc = new TableHeaderCell();
        thc.Text = "Is Inherited";
        trr.Cells.Add(thc);
        thc = new TableHeaderCell();
        thc.Text = "Propagation Flags";
        trr.Cells.Add(thc);
        thc = new TableHeaderCell();
        thc.Text = "File System Right";
        trr.Cells.Add(thc);
        tblAccessControlList.Rows.Add(trr);

        // One table row per access rule (ACE).
        foreach (FileSystemAccessRule rule in author)
        {
            TableRow tr = new TableRow();
            tc = new TableCell();
            tc.Text = rule.AccessControlType.ToString();   // Allow or Deny
            tr.Cells.Add(tc);
            tc = new TableCell();
            tc.Text = rule.IdentityReference.Value;        // user or group
            tr.Cells.Add(tc);
            tc = new TableCell();
            tc.Text = rule.InheritanceFlags.ToString();
            tr.Cells.Add(tc);
            tc = new TableCell();
            tc.Text = rule.IsInherited.ToString();
            tr.Cells.Add(tc);
            tc = new TableCell();
            tc.Text = rule.PropagationFlags.ToString();
            tr.Cells.Add(tc);
            tc = new TableCell();
            tc.Text = rule.FileSystemRights.ToString();
            tr.Cells.Add(tc);
            tblAccessControlList.Rows.Add(tr);
        }
    }
In the code in Listing 2, a FileSecurity object is used to get the full ACL
information for a specific file named Test.txt. The GetOwner method of the
FileSecurity object returns the owner as the requested identity type (here
NTAccount), which is displayed in the label. The AuthorizationRuleCollection
stores the collection returned by the FileSecurity.GetAccessRules() method; a
loop then walks through it and, with the help of the FileSystemAccessRule
object, displays the desired information in a table. The output is displayed
in the following figure.
Figure 1
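
The same GetAccessRules call can drive an audit rather than a display table. The following is an added example, not part of the original listing: it requests the rules as SecurityIdentifier values, so entries left behind by deleted accounts do not throw IdentityNotMappedException, and it reports Allow entries that give broad groups write-type rights. The names AclAudit and FindBroadWriteAccess, and the choice of which groups count as broad and which rights count as risky, are assumptions made for illustration; like Listing 2, it targets the .NET Framework.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

public static class AclAudit   // hypothetical helper, not from the article
{
    // Rights that let a principal change the file or its protection (assumed policy).
    const FileSystemRights Risky =
        FileSystemRights.WriteData | FileSystemRights.AppendData |
        FileSystemRights.Delete | FileSystemRights.ChangePermissions |
        FileSystemRights.TakeOwnership;

    // Groups treated as "broad" (assumed policy): Everyone,
    // Authenticated Users and BUILTIN\Users.
    static readonly SecurityIdentifier[] Broad =
    {
        new SecurityIdentifier(WellKnownSidType.WorldSid, null),
        new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null),
        new SecurityIdentifier(WellKnownSidType.BuiltinUsersSid, null)
    };

    // Translate a SID to DOMAIN\name; keep the raw SID string for orphaned accounts.
    static string NameOf(IdentityReference id)
    {
        try { return id.Translate(typeof(NTAccount)).Value; }
        catch (IdentityNotMappedException) { return id.Value; }
    }

    public static List<string> FindBroadWriteAccess(string path)
    {
        var findings = new List<string>();
        FileSecurity sec = File.GetAccessControl(path);
        // Asking for SIDs instead of NTAccount avoids name lookups at this point.
        foreach (FileSystemAccessRule rule in
                 sec.GetAccessRules(true, true, typeof(SecurityIdentifier)))
        {
            if (rule.AccessControlType != AccessControlType.Allow) continue;
            if ((rule.FileSystemRights & Risky) == 0) continue;
            var sid = (SecurityIdentifier)rule.IdentityReference;
            if (Array.IndexOf(Broad, sid) < 0) continue;
            findings.Add(NameOf(sid) + ": " + rule.FileSystemRights +
                         (rule.IsInherited ? " (inherited)" : " (explicit)"));
        }
        return findings;
    }
}
```

An empty list means no Allow entry for those groups carries any of the listed rights; the inherited/explicit marker tells you whether to fix the file itself or a parent folder.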