C#文件更改/创建/删除事件 [英] C# File change/create/delete event
问题描述
我目前正在研究安全性内容,并试图构建一个基本的访问限制器",如果在特定目录(包括子目录)中创建,更改,删除了文件或文件夹等,则应该进行注册.
im currently getting into security stuff and trying to build a basic "access limiter" which should register if a file or folder in a specific directory (including subdirectories) is created, changed, deleted etc.
在使用 FileSystemWatcher 进行操作之后,我已经想出了解决方法,但是我想在处理请求之前捕获请求/事件.我已经搜索了一段时间,但还没有真正找到解决方案.
I already figured out how to do it after the action took place using FileSystemWatcher, but I want to catch the request / event before it happens to process it. I already searched a while but haven`t really found a solution yet.
如果可能出现这种情况,我将感谢您提供提示或简短的样本/参考.预先感谢.
If something like this is possible I would be grateful for tips or short samples / references. Thanks in advance.
推荐答案
正如您已经说过的,您已经可以看到对文件进行了某些处理之后会发生什么.据我所知,您不能从.Net抢占文件系统的访问权限,因为这是在较低的一层(存储之上)发生的.如果要确保安全性,最好将重点放在NTFS/共享级别的安全性上(如Blorgbeard所说的标准权限).
As you've stated, you can already see what happens after the fact that something has been done to a file. To my knowledge, you can't preempt file system access from .Net as this is happening on a much lower layer (right above storage). If you are trying to ensure security, you are better off focusing on NTFS/Share level security (standard permissions like Blorgbeard said).
如果您真的想拦截文件系统调用,则可能只是想使用文件系统过滤器驱动程序,但这看起来非常困难.
If you really want to intercept file system calls, a file system filter driver may be what you're after but it looks very difficult.
概念介绍: http://msdn.microsoft.com/en-us/library/windows/hardware/dn641617
Another SO answer restating the same thing (which I based the above link on): How to intercept the access to a file in a .NET Program
或者,您可以定制安全应用程序,以枚举文件/文件夹上的安全设置,以作为确保适当的文件系统安全设置到位的预防措施,如果没有,请采取纠正措施.您可以使用FileSecurity类来了解您可以使用的功能(有点!):
Alternatively, you can tailor your security app to enumerate the security settings on files/folders as a preventative measure to ensure the proper file system security settings are in place, or take corrective action if they are not. You can use the FileSecurity class to get an idea of what is available to you (quite a bit!): http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesecurity(v=vs.110).aspx
如果您想走审计路线并坚持使用FileSecurity和/或DirectorySecurity类,我将发布一个单独的问题,我们可以解决这个问题.
If you want to go the audit route and get stuck on using the FileSecurity and/or DirectorySecurity class, I would post a separate question and we can tackle that.
如果您愿意的话,一些有关编写过滤器驱动程序的实际代码(请注意,不要使用.net): http://www.codeproject.com/Articles/43586/文件系统过滤器驱动程序教程
Some actual code on writing the filter driver, if you are so inclined (beware, no .net): http://www.codeproject.com/Articles/43586/File-System-Filter-Driver-Tutorial
这篇关于C#文件更改/创建/删除事件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
