How to check if the option "enable inherited permissions" is enabled for a file or folder?

I am writing a small utility in C# to make sure that the specified folder and all its contents have the appropriate permissions (I want to provide full access to the Authenticated Users group). The following code seems to work correctly to update the top-level ACL (Access Control List):

    using System.IO;
    using System.Security.AccessControl;
    using System.Security.Principal;

    // Well-known SID for the Authenticated Users group
    SecurityIdentifier allUsers = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
    // Let the rule propagate to child folders and files
    InheritanceFlags iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
    FileSystemAccessRule newRule = new FileSystemAccessRule(
        allUsers, FileSystemRights.FullControl, iFlags,
        PropagationFlags.None, AccessControlType.Allow);

    // folderPath is the top-level folder being updated
    DirectoryInfo info = new DirectoryInfo(folderPath);
    DirectorySecurity security = info.GetAccessControl();
    security.AddAccessRule(newRule);
    info.SetAccessControl(security);

I noticed, however, that this new access rule does not apply to subfolders for which the option "Enable inherited permissions ..." is not checked in their security properties. It makes sense. So what I want to do is re-enable inheritance of security permissions for any such subfolders.

My digging discovered the ObjectSecurity.SetAccessRuleProtection method, which should be half of what I need. However, it seems negligent to simply blindly use the above method for objects that already inherit their parent DACL. Thus, I want to determine which objects inherit their inheritance, but I cannot find the corresponding method or property that returns this information. Is there any? Did I miss something?

+6
2 answers

I remember something like this:

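    using System.IO;
    using System.Security.AccessControl;

    DirectoryInfo d = new DirectoryInfo(@"e:\test1");
    DirectorySecurity acl = d.GetAccessControl();
    // includeExplicit: false, includeInherited: true -> only inherited rules are returned
    if (acl.GetAccessRules(false, true, typeof(System.Security.Principal.SecurityIdentifier)).Count > 0)
    {
        // -- has inherited permissions
    }
    else
    {
        // -- has no inherited permissions
    }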

I also tried to find a way to test this, but I could not find it (even in C++). So I ended up using the code above. It worked like a charm.

+4

There seems to be a way you can control:

    using System.Security.AccessControl;

    DirectorySecurity ds = System.IO.Directory.GetAccessControl(@"C:\test");
    // Parse the binary security descriptor to read its control flags
    byte[] rawBytes = ds.GetSecurityDescriptorBinaryForm();
    RawSecurityDescriptor rsd = new RawSecurityDescriptor(rawBytes, 0);

    if ((rsd.ControlFlags & ControlFlags.DiscretionaryAclProtected) == ControlFlags.DiscretionaryAclProtected)
    {
        // "Include inheritable permissions from this object parent" is unchecked
    }
    else
    {
        // "Include inheritable permissions from this object parent" is checked
    }

+1
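
An added example, not part of the question or of either answer: `ObjectSecurity.AreAccessRulesProtected` reports the same protected-DACL state that the second answer reads from the raw descriptor, so a tree can be audited and `SetAccessRuleProtection` applied only where inheritance is actually disabled. The class name `InheritanceAudit`, the helper names and the `--fix` switch are assumptions made for this illustration; it is Windows-only.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;

static class InheritanceAudit   // hypothetical name, not from the original page
{
    // Reads the ACL of a file or a folder through the matching FileSystemInfo type.
    static FileSystemSecurity GetAcl(FileSystemInfo item) =>
        item is DirectoryInfo dir ? (FileSystemSecurity)dir.GetAccessControl()
                                  : ((FileInfo)item).GetAccessControl();

    static void SetAcl(FileSystemInfo item, FileSystemSecurity acl)
    {
        if (item is DirectoryInfo dir) dir.SetAccessControl((DirectorySecurity)acl);
        else ((FileInfo)item).SetAccessControl((FileSecurity)acl);
    }

    // Yields every file and subfolder below root whose DACL is protected,
    // i.e. whose "include inheritable permissions" box is unchecked.
    static IEnumerable<FileSystemInfo> FindProtected(DirectoryInfo root)
    {
        foreach (FileSystemInfo item in
                 root.EnumerateFileSystemInfos("*", SearchOption.AllDirectories))
        {
            if (GetAcl(item).AreAccessRulesProtected)
                yield return item;
        }
    }

    static void Main(string[] args)
    {
        // args[0]: folder to audit; optional args[1] "--fix" re-enables inheritance.
        var root = new DirectoryInfo(args[0]);
        bool fix = args.Length > 1 && args[1] == "--fix";

        foreach (FileSystemInfo item in FindProtected(root))
        {
            Console.WriteLine("inheritance disabled: " + item.FullName);
            if (!fix) continue;

            FileSystemSecurity acl = GetAcl(item);
            // isProtected: false turns inheritance back on; the second
            // argument is ignored when isProtected is false.
            acl.SetAccessRuleProtection(false, false);
            SetAcl(item, acl);
        }
    }
}
```

Running it without `--fix` first gives a list of the affected objects to review before any ACL is changed.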

Source: https://habr.com/ru/post/912809/

