How to grant full permission to a file created by my application for ALL users?

C#.NetWinformsPermissionsUser Accounts

C# Problem Overview

The tool I develop needs to grant access rights "Full Control" to a file created by it. It needs to be read, modified and deleted from all windows accounts and even possible future accounts. Could this be achieved?

I know I can try this for a SPECIFIC_USER:

FileSystemAccessRule rule = new FileSystemAccessRule(SPECIFIC_USER, FileSystemRights.FullControl, AccessControlType.Allow);
FileSecurity fSecurity = File.GetAccessControl(filePath);
fSecurity.SetAccessRule(rule);
File.SetAccessControl(filePath, fSecurity);

But how do I grant it to all users? And even possible future accounts? If the latter part is not possible, how to go about the first requirement?

Thanks.

EDIT:

This is the code which worked for me. Taken from the answerer's link.

private void GrantAccess(string fullPath)
{
    DirectoryInfo dInfo = new DirectoryInfo(fullPath);
    DirectorySecurity dSecurity = dInfo.GetAccessControl();
    dSecurity.AddAccessRule(new FileSystemAccessRule(
        new SecurityIdentifier(WellKnownSidType.WorldSid, null), 
        FileSystemRights.FullControl,
        InheritanceFlags.ObjectInherit |
           InheritanceFlags.ContainerInherit,
        PropagationFlags.NoPropagateInherit,
        AccessControlType.Allow));

    dInfo.SetAccessControl(dSecurity);
}

Note the PropagationFlags.NoPropagateInherit which is required (mentioned towards the last in the link). It does grant privilege to even future accounts.

C# Solutions

Solution 1 - C#

Note to people using this.

When using literal strings for the FileSystemAccessRule, it should be WellKnownSidType.WorldSid instead of "everyone".

The reason is because there are multiple Window languages and Everyone only applies to EN ones, so for Spanish, it might be "Todos" (or something else).

using System.Security.AccessControl;
using System.Security.Principal;
using System.IO;

private void GrantAccess(string fullPath)
{
    DirectoryInfo dInfo = new DirectoryInfo(fullPath);
    DirectorySecurity dSecurity = dInfo.GetAccessControl();
    dSecurity.AddAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.WorldSid, null), FileSystemRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
    dInfo.SetAccessControl(dSecurity);
}

Solution 2 - C#

You will need to give full control to "Everyone" group on the machine. Found this post on MSDN which talks about it.

Hope this works for you.

Categories
Recommended C# Solutions
Recommended .Net Solutions
Recommended Winforms Solutions
Recommended Permissions Solutions
Recommended User Accounts Solutions

Previous Solution:

Convert a number into a Roman numeral in JavaScript

JavascriptRoman Numerals

Next Solution:

maven: Is it possible to override location of local repository via the use of command line option or env variable?

MavenMaven 2

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionnawfalView Question on Stackoverflow
Solution 1 - C#Angelo VargasView Answer on Stackoverflow
Solution 2 - C#Amar PalsapureView Answer on Stackoverflow