如何设置文件夹的权限使用.NET？ [英] How to set folder permissions with .NET?

问题描述

是否有可能使用小.NET页面上它驻留在服务器上的某些文件夹设置文件夹的权限？什么是可以用于此的code或对象？我是Windows Server 2003上。

Is it possible to use a small .NET page to set folder permissions on some folders on the server where it resides? What is the code or objects that can be used for this? I am on Windows Server 2003.

基本上我想击中一个GET或POST页，并让它运行，检查和/或文件夹上的更新权限。

Basically I want to hit the page with a GET or POST and have it run and check and/or update the permissions on a folder.

推荐答案

有许多可能的方法来处理这​​个。

There's a number of possible ways to approach this.

一种是使用<一href=\"http://msdn.microsoft.com/en-us/library/system.security.permissions.fileiopermission.aspx\">FileIOPermissions类，它允许您指定的文件和文件夹的权限。

One is to use the FileIOPermissions class, which allows you to specify permissions on files and folders.

另一种选择是使用<一href=\"http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.directorysecurity.aspx\">DirectorySecurity在<一类href=\"http://msdn.microsoft.com/en-us/library/system.security.accesscontrol.aspx\">System.Security.AccessControl命名空间，特别是<一个href=\"http://msdn.microsoft.com/en-us/library/system.io.directory.setaccesscontrol.aspx\">SetAccessControl该类方法。

The other option is to use the DirectorySecurity class within the System.Security.AccessControl Namespace, and specifically the SetAccessControl Method of that class.

这第二种方法应为您提供更多的粒度和控制权限的设置作为System.Security.AccessControl命名空间，您可以以编程方式创建或修改的自由访问控制列表（DACL）和系统访问控制列表（SACL）为一些受保护的资源，如文件，文件夹等。

This second method should provide you with much more granularity and control over the setting of permissions as the System.Security.AccessControl namespace allows you to programmatically create or modify discretionary access control lists (DACLs) and system access control lists (SACLs) for a number of protected resources such as files, folders, and so on.

无论您选择执行权限设置方法，您将需要牢记，你的ASP.NET驱动code在其下运行的帐户。你说你正在使用Windows Server 2003，那么你很可能使用的是 IIS 6.0 版本。默认情况下，IIS 6.0将运行所有的用户code中的网络服务下， 账户，这是一个低权限的帐户，将有IIS进程和网站层次结构之外的有限的权限。你可以阅读MSDN文章，如何：在ASP.NET中使用网络服务帐户来访问资源 关于在服务器端获取资源，正是访问，您将拥有该帐户下。

Irrespective of the method you choose to perform the permission setting, you will need to be mindful of the account that your ASP.NET-driven code is running under. You say you are using Windows Server 2003, so you're probably using IIS version 6.0. By default, IIS 6.0 will run all user code under the "Network Service" account, which is a low-privilege account and will have limited permissions outside of the IIS processes and the website hierarchy. You can read the MSDN article, "How To: Use the Network Service Account to Access Resources in ASP.NET" regarding accessing resources on the server side and exactly what access you will have under this account.

这取决于你想要做什么的确切性质，可能还需要寻找到的 ASP.NET模拟，以使您的服务器端的code到不同的帐户的上下文中运行。请参阅MSDN文章如何：使用模拟和代表团在ASP.NET 2.0中为上的更多信息。

Depending upon the exact nature of what you want to do, you may also need to look into ASP.NET Impersonation to enable your server side code to run under the context of a different account. See the MSDN article, "How To: Use Impersonation and Delegation in ASP.NET 2.0" for more information on that.

这篇关于如何设置文件夹的权限使用.NET？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！