question

cybercritic avatar image
0 Votes"
cybercritic asked TimonYang-MSFT commented

Example code for FileSystemAuditRule class doesn't compile and none of remove audit rule functions work

The code example for FileSystemAuditRule doesn't work

https://docs.microsoft.com/en-us/dotnet/api/system.security.accesscontrol.filesystemauditrule?view=net-5.0

File class has no File.GetAccessControl or File.SetAccessControl methods.

Found a workaround by using the FileInfo class as it has those functions, however none of the functions for removing rules work (RemoveAuditRuleAll, RemoveAuditRule, RemoveAuditRuleSpecific), only PurgeAuditRules works which removes all audit rules.

 public static void AddFileAuditRule(string FileName, FileSystemRights Rights, AuditFlags AuditRule)
         {
             string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
    
             FileInfo info = new FileInfo(FileName);
             FileSecurity fSecurity = info.GetAccessControl();
    
             fSecurity.SetAccessRuleProtection(false, false);
             fSecurity.AddAuditRule(new FileSystemAuditRule(userName, Rights, AuditRule));
    
             info.SetAccessControl(fSecurity);
         }
    
         public static void RemoveFileAuditRule(string FileName, FileSystemRights Rights, AuditFlags AuditRule)
         {
             string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
    
             FileInfo info = new FileInfo(FileName);
             FileSecurity fSecurity = info.GetAccessControl();
    
             //fSecurity.RemoveAuditRule(new FileSystemAuditRule(userName, Rights, AuditRule));
             fSecurity.PurgeAuditRules(System.Security.Principal.WindowsIdentity.GetCurrent().User);
    
             info.SetAccessControl(fSecurity);
         }

dotnet-csharp
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Viorel-1 avatar image
0 Votes"
Viorel-1 answered TimonYang-MSFT commented

I think that you should create a project which is based on .NET Framework: “Console App (.NET Framework)”. The example is not for .NET 5 and .NET Core. It should compile. Check if it works.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I'm working with .net core 3.1, tried switching to .net 5.0, it doesn't work and the example is marked that it works on those versions, also the System.IO.File doesn't have File.GetAccessControl or File.SetAccessControl in the documentation. Switching from .net core is not really an option.

0 Votes 0 ·

Even if you are not interested in .NET Framework, but have time, you can check if the example is still valid for .NET Framework.

0 Votes 0 ·

I did check, versions below 5.0 have the File.GetAccessControl function.

0 Votes 0 ·

@cybercritic

the example is marked that it works on those versions

We should look at the documentation of this method, which says that it is not applicable to .Net Core.

FileInfo.GetAccessControl Method

0 Votes 0 ·