Check for required admin rights to edit a file [Answered]
Heyo! In short I use SDelete to shred files and I want to know before running the program if any file requires admin rights to be deleted. Is that possible ?
51 Replies
With C#? Otherwise check for Delete permission in Properties -> Security -> Advanced
yeah with C# 😅
ma men instinct commin' clutch again
goal is to ask the user for admin rights before to avoid files being left behind after operation
you have to read the file's permissions and see if the user running the command is in the acl or not
how do you get the perms ?
and what does acl means ?
access control list
the ntfs permissions
oh okay
huuuh how do you get access to that in c#
I see nothing useful in FileInfo
File.GetSecurityContext or something like that
checking...
something like this:
File.GetAccessControl(@"c:\somefile.txt").GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
file permissions are quite complex
I don(y have .GetAccessControl
GetAttributes maybe?
not that
that's in framework
core may be different
FileSecurity
new FileInfo("").GetAccessControl().GetAccessRules(...)
or that
GetAccessControl is an extension method
this ?
that's checking just owner
there's more to it for file access
you want all sections
edited
is that what I want to check for write acess ?
bro this looks complex as shit
who decided it'd be a good idea to do this
that's part of it
that should get you all of the access rules
but yeah, it's very complex
you have to take them in whole as one rule can invalidate previous
can't I just fiond a workaround involving trying to write to the file and catchiçng an exception ?
you can do that
how'd that work ?
that's honestly how most filesystem access problems get solved
would it throw if I open a file I don't have access to ?
try { something to do with teh filesystem } catch (whatever exception it throws) { report Needs elevated access to user}
so wait
if you want read access, yeah
just to be sure
if you want to delete the file, that may be different
a user can have write access to a directory but no to the files in the dir right ?
I think I need write access
File.OpenWrite might throw
lemme test
let's go babyyyyyyyyyyy
cisien
is writing this
await File.OpenWrite(info.FullName).DisposeAsync(); legal ?
like directly .Disposing
no what is this garbage
you can't set UseSHellExecute to true if you redirect output streams but you also can't run as admin if you dan"t have SheleExecute to trueprobably
though you won't call DisposeAsync if OpenWrite throws
but you may not need to. i'm not sure what the side effects are if opening fails.
@Aeris this sounds like you're just setting yourself up for a TOCTOU bug
just delete the file, and handle errors if applicable
sdelete probably returns a specific error code on access deniedjust throws
would work if I were shredding files one by one
what i'm not sure if is if there are native resources held after the throw
but I just chuck everything into a single command
keep in mind this code will be slow
why ?
you're doing file i/o to see if it succeeds, then performing logic based on exceptions, which tend to be slow
oh
welp
if you're doing it frequently (like that) you can expect to see this take some time if there are a large number of files
it seemed fine from the few runs I did
other way around is to run sdelete file per file
test it, it may not be a problem for your scenario
and as jcotton said see if it returns a specific exit code
how many files is "a large number of files"?
returns 0
whatever number doesn't cause issues 🙂
wdym ?
the actual number doesn't matter, it's going to vary per system
could be 50, could be 50,000
oh yeah true
welp guess I'm gonna stuck to my solution
alright thanks yall for your help, really appreciated
have a good day °D°
✅ This post has been marked as answered!