DirectorySecurity 类

定义

表示目录的访问控制和审核安全。Represents the access control and audit security for a directory. 无法继承此类。This class cannot be inherited.

public ref class DirectorySecurity sealed : System::Security::AccessControl::FileSystemSecurity
public sealed class DirectorySecurity : System.Security.AccessControl.FileSystemSecurity
[System.Security.SecurityCritical]
public sealed class DirectorySecurity : System.Security.AccessControl.FileSystemSecurity
type DirectorySecurity = class
    inherit FileSystemSecurity
Public NotInheritable Class DirectorySecurity
Inherits FileSystemSecurity
继承
属性

示例

下面的代码示例使用 DirectorySecurity 类添加并删除目录中的访问控制列表(ACL)项。The following code example uses the DirectorySecurity class to add and then remove an access control list (ACL) entry from a directory. 你必须提供有效的用户或组帐户以运行此示例。You must supply a valid user or group account to run this example.

using namespace System;
using namespace System::IO;
using namespace System::Security::AccessControl;

// Adds an ACL entry on the specified directory for the
// specified account.
void AddDirectorySecurity(String^ directoryName, String^ account, 
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->AddAccessRule( gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}

// Removes an ACL entry on the specified directory for the
// specified account.
void RemoveDirectorySecurity(String^ directoryName, String^ account,
     FileSystemRights rights, AccessControlType controlType)
{
    // Create a new DirectoryInfo object.
    DirectoryInfo^ dInfo = gcnew DirectoryInfo(directoryName);

    // Get a DirectorySecurity object that represents the
    // current security settings.
    DirectorySecurity^ dSecurity = dInfo->GetAccessControl();

    // Add the FileSystemAccessRule to the security settings.
    dSecurity->RemoveAccessRule(gcnew FileSystemAccessRule(account,
        rights, controlType));

    // Set the new access settings.
    dInfo->SetAccessControl(dSecurity);
}    

int main()
{
    String^ directoryName = "TestDirectory";
    String^ accountName = "MYDOMAIN\\MyAccount";
    if (!Directory::Exists(directoryName))
    {
        Console::WriteLine("The directory {0} could not be found.", 
            directoryName);
        return 0;
    }
    try
    {
        Console::WriteLine("Adding access control entry for {0}",
            directoryName);

        // Add the access control entry to the directory.
        AddDirectorySecurity(directoryName, accountName,
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Removing access control entry from {0}",
            directoryName);

        // Remove the access control entry from the directory.
        RemoveDirectorySecurity(directoryName, accountName, 
            FileSystemRights::ReadData, AccessControlType::Allow);

        Console::WriteLine("Done.");
    }
    catch (UnauthorizedAccessException^)
    {
        Console::WriteLine("You are not authorised to carry" +
            " out this procedure.");
    }
    catch (System::Security::Principal::
        IdentityNotMappedException^)
    {
        Console::WriteLine("The account {0} could not be found.", accountName);
    }
}

using System;
using System.IO;
using System.Security.AccessControl;

namespace FileSystemExample
{
    class DirectoryExample
    {
        public static void Main()
        {
            try
            {
                string DirectoryName = "TestDirectory";

                Console.WriteLine("Adding access control entry for " + DirectoryName);

                // Add the access control entry to the directory.
                AddDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Removing access control entry from " + DirectoryName);

                // Remove the access control entry from the directory.
                RemoveDirectorySecurity(DirectoryName, @"MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow);

                Console.WriteLine("Done.");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
            }

            Console.ReadLine();
        }

        // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);
        }

        // Removes an ACL entry on the specified directory for the specified account.
        public static void RemoveDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
        {
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.RemoveAccessRule(new FileSystemAccessRule(Account,
                                                            Rights,
                                                            ControlType));

            // Set the new access settings.
            dInfo.SetAccessControl(dSecurity);
        }
    }
}

Imports System.IO
Imports System.Security.AccessControl



Module DirectoryExample

    Sub Main()
        Try
            Dim DirectoryName As String = "TestDirectory"

            Console.WriteLine("Adding access control entry for " + DirectoryName)

            ' Add the access control entry to the directory.
            AddDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Removing access control entry from " + DirectoryName)

            ' Remove the access control entry from the directory.
            RemoveDirectorySecurity(DirectoryName, "MYDOMAIN\MyAccount", FileSystemRights.ReadData, AccessControlType.Allow)

            Console.WriteLine("Done.")
        Catch e As Exception
            Console.WriteLine(e)
        End Try

        Console.ReadLine()

    End Sub


    ' Adds an ACL entry on the specified directory for the specified account.
    Sub AddDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfoobject.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.AddAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub


    ' Removes an ACL entry on the specified directory for the specified account.
    Sub RemoveDirectorySecurity(ByVal FileName As String, ByVal Account As String, ByVal Rights As FileSystemRights, ByVal ControlType As AccessControlType)
        ' Create a new DirectoryInfo object.
        Dim dInfo As New DirectoryInfo(FileName)

        ' Get a DirectorySecurity object that represents the 
        ' current security settings.
        Dim dSecurity As DirectorySecurity = dInfo.GetAccessControl()

        ' Add the FileSystemAccessRule to the security settings. 
        dSecurity.RemoveAccessRule(New FileSystemAccessRule(Account, Rights, ControlType))

        ' Set the new access settings.
        dInfo.SetAccessControl(dSecurity)

    End Sub
End Module

注解

DirectorySecurity 类指定系统目录的访问权限以及访问尝试的审核方式。The DirectorySecurity class specifies the access rights for a system directory and how access attempts are audited. 此类将访问权限和审核权限表示为一组规则。This class represents access and audit rights as a set of rules. 每个访问规则由一个 FileSystemAccessRule 对象表示,而每个审核规则由一个 FileSystemAuditRule 对象表示。Each access rule is represented by a FileSystemAccessRule object, while each audit rule is represented by a FileSystemAuditRule object.

DirectorySecurity 类是基础 Windows 文件安全系统的抽象。The DirectorySecurity class is an abstraction of the underlying Windows file security system. 在此系统中,每个目录都有一个自定义访问控制列表(DACL),用于控制对目录的访问,以及一个系统访问控制列表(SACL),后者指定了审核的访问控制尝试。In this system, each directory has a discretionary access control list (DACL), which controls access to the directory, and a system access control list (SACL), which specifies the access control attempts that are audited. FileSystemAccessRuleFileSystemAuditRule 类是包含 Dacl 和 Sacl 的访问控制项(Ace)的抽象。The FileSystemAccessRule and FileSystemAuditRule classes are abstractions of the access control entries (ACEs) that comprise DACLs and SACLs.

DirectorySecurity 类隐藏了 Dacl 和 Sacl 的许多详细信息;不必担心 ACE 顺序或 null DACL。The DirectorySecurity class hides many of the details of DACLs and SACLs; you do not have to worry about ACE ordering or null DACLS.

使用 FileSecurity 类可检索、添加或更改表示文件的 DACL 和 SACL 的访问规则。Use the FileSecurity class to retrieve, add, or change the access rules that represent the DACL and SACL of a file.

下表列出了可以用来访问和维护目录安全性的方法。The following tables lists the methods you can use to access and maintain directory security.

任务Task 方法Methods
添加规则Add rules FileSystemSecurity.AddAccessRule

FileSystemSecurity.AddAuditRule
删除规则Remove rules FileSystemSecurity.RemoveAccessRule

FileSystemSecurity.RemoveAuditRule
检索目录的访问控制Retrieve the access control to a directory Directory.GetAccessControl

DirectoryInfo.GetAccessControl
将访问控制持久保存到目录Persist the access control to a directory Directory.SetAccessControl

DirectoryInfo.SetAccessControl

构造函数

DirectorySecurity()

初始化 DirectorySecurity 类的新实例。Initializes a new instance of the DirectorySecurity class.

DirectorySecurity(String, AccessControlSections)

使用指定的 DirectorySecurity 枚举值从指定目录初始化 AccessControlSections 类的新实例。Initializes a new instance of the DirectorySecurity class from a specified directory using the specified values of the AccessControlSections enumeration.

属性

AccessRightType

获取 FileSystemSecurity 类用于表示访问规则的枚举。Gets the enumeration that the FileSystemSecurity class uses to represent access rights.

(继承自 FileSystemSecurity)
AccessRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的访问规则。Gets or sets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AccessRuleType

获取 FileSystemSecurity 类用于表示访问规则的枚举。Gets the enumeration that the FileSystemSecurity class uses to represent access rules.

(继承自 FileSystemSecurity)
AreAccessRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的访问规则是否处于规范顺序。Gets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAccessRulesProtected

获取一个布尔值,用于指定与 ObjectSecurity 对象关联的自定义访问控制列表 (DACL) 是否受到保护。Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AreAuditRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的审核规则是否处于规范顺序。Gets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAuditRulesProtected

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的系统访问控制列表 (SACL) 是否受保护。Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AuditRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的审核规则。Gets or sets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AuditRuleType

获取 FileSystemSecurity 类用于表示审核规则的类型。Gets the type that the FileSystemSecurity class uses to represent audit rules.

(继承自 FileSystemSecurity)
GroupModified

获取或设置一个布尔值,该值指定是否已修改与安全对象相关联的组。Gets or sets a Boolean value that specifies whether the group associated with the securable object has been modified.

(继承自 ObjectSecurity)
IsContainer

获取一个指定此 ObjectSecurity 对象是否是容器对象的布尔值。Gets a Boolean value that specifies whether this ObjectSecurity object is a container object.

(继承自 ObjectSecurity)
IsDS

获取一个布尔值,该值指定此 ObjectSecurity 对象是否是目录对象。Gets a Boolean value that specifies whether this ObjectSecurity object is a directory object.

(继承自 ObjectSecurity)
OwnerModified

获取或设置一个布尔值,该值指定是否已修改安全对象的所有者。Gets or sets a Boolean value that specifies whether the owner of the securable object has been modified.

(继承自 ObjectSecurity)
SecurityDescriptor

获取此实例的安全说明符。Gets the security descriptor for this instance.

(继承自 ObjectSecurity)

方法

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType)

使用指定的访问权限、访问控制和标志初始化 FileSystemAccessRule 类的新实例,该实例表示指定用户的新的访问控制规则。Initializes a new instance of the FileSystemAccessRule class that represents a new access control rule for the specified user, with the specified access rights, access control, and flags.

(继承自 FileSystemSecurity)
AddAccessRule(AccessRule)

将指定的访问规则添加到与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL)。Adds the specified access rule to the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
AddAccessRule(FileSystemAccessRule)

将指定的访问控制列表 (ACL) 权限添加到当前文件或目录。Adds the specified access control list (ACL) permission to the current file or directory.

(继承自 FileSystemSecurity)
AddAuditRule(AuditRule)

将指定的审核规则添加到与该 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL)。Adds the specified audit rule to the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
AddAuditRule(FileSystemAuditRule)

将指定的审核规则添加到当前文件或目录。Adds the specified audit rule to the current file or directory.

(继承自 FileSystemSecurity)
AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags)

初始化 FileSystemAuditRule 类的新实例,它表示指定用户的指定审核规则。Initializes a new instance of the FileSystemAuditRule class representing the specified audit rule for the specified user.

(继承自 FileSystemSecurity)
Equals(Object)

确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(继承自 Object)
GetAccessRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的访问规则的集合。Gets a collection of the access rules associated with the specified security identifier.

(继承自 CommonObjectSecurity)
GetAuditRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的审核规则的集合。Gets a collection of the audit rules associated with the specified security identifier.

(继承自 CommonObjectSecurity)
GetGroup(Type)

获取与指定所有者关联的主要组。Gets the primary group associated with the specified owner.

(继承自 ObjectSecurity)
GetHashCode()

用作默认哈希函数。Serves as the default hash function.

(继承自 Object)
GetOwner(Type)

获取与指定主要组关联的所有者。Gets the owner associated with the specified primary group.

(继承自 ObjectSecurity)
GetSecurityDescriptorBinaryForm()

返回表示此 ObjectSecurity 对象的安全描述符信息的字节值数组。Returns an array of byte values that represents the security descriptor information for this ObjectSecurity object.

(继承自 ObjectSecurity)
GetSecurityDescriptorSddlForm(AccessControlSections)

返回与此 ObjectSecurity 对象关联的安全描述符的指定部分的安全描述符定义语言 (SDDL) 表示形式。Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ModifyAccess(AccessControlModification, AccessRule, Boolean)

将指定的修改应用到与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中。Applies the specified modification to the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
ModifyAccessRule(AccessControlModification, AccessRule, Boolean)

将指定的修改应用到与此 ObjectSecurity 对象关联的自由访问控制列表 (DACL) 中。Applies the specified modification to the Discretionary Access Control List (DACL) associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
ModifyAudit(AccessControlModification, AuditRule, Boolean)

将指定的修改应用到与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中。Applies the specified modification to the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
ModifyAuditRule(AccessControlModification, AuditRule, Boolean)

将指定的修改应用到与此 ObjectSecurity 对象关联的系统访问控制列表 (SACL) 中。Applies the specified modification to the System Access Control List (SACL) associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
Persist(Boolean, String, AccessControlSections)

将与此 ObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 ObjectSecurity)
Persist(SafeHandle, AccessControlSections)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议保持传递给构造函数和 persist 方法的 includeSections 参数的值完全相同。We recommend.persist that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(SafeHandle, AccessControlSections, Object)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(String, AccessControlSections)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
Persist(String, AccessControlSections, Object)

将与此 NativeObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this NativeObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 NativeObjectSecurity)
PurgeAccessRules(IdentityReference)

删除与指定 IdentityReference 关联的所有访问规则。Removes all access rules associated with the specified IdentityReference.

(继承自 ObjectSecurity)
PurgeAuditRules(IdentityReference)

删除与指定 IdentityReference 关联的所有审核规则。Removes all audit rules associated with the specified IdentityReference.

(继承自 ObjectSecurity)
ReadLock()

为读取访问锁定此 ObjectSecurity 对象。Locks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
ReadUnlock()

解锁此 ObjectSecurity 对象以进行读取访问。Unlocks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
RemoveAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和访问掩码的访问规则。Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRule(FileSystemAccessRule)

从当前文件或目录移除所有匹配的允许或拒绝访问控制列表 (ACL) 权限。Removes all matching allow or deny access control list (ACL) permissions from the current file or directory.

(继承自 FileSystemSecurity)
RemoveAccessRuleAll(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符的所有访问规则。Removes all access rules that have the same security identifier as the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRuleAll(FileSystemAccessRule)

从当前文件或目录移除指定用户的所有访问控制列表 (ACL) 权限。Removes all access control list (ACL) permissions for the specified user from the current file or directory.

(继承自 FileSystemSecurity)
RemoveAccessRuleSpecific(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则完全匹配的所有访问规则。Removes all access rules that exactly match the specified access rule from the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAccessRuleSpecific(FileSystemAccessRule)

从当前文件或目录移除单个匹配的允许或拒绝访问控制列表 (ACL) 权限。Removes a single matching allow or deny access control list (ACL) permission from the current file or directory.

(继承自 FileSystemSecurity)
RemoveAuditRule(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符和访问掩码的审核规则。Removes audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRule(FileSystemAuditRule)

从当前文件或目录移除所有匹配的允许或拒绝审核规则。Removes all matching allow or deny audit rules from the current file or directory.

(继承自 FileSystemSecurity)
RemoveAuditRuleAll(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符的所有审核规则。Removes all audit rules that have the same security identifier as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRuleAll(FileSystemAuditRule)

从当前文件或目录移除指定用户的所有审核规则。Removes all audit rules for the specified user from the current file or directory.

(继承自 FileSystemSecurity)
RemoveAuditRuleSpecific(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则完全匹配的所有审核规则。Removes all audit rules that exactly match the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 CommonObjectSecurity)
RemoveAuditRuleSpecific(FileSystemAuditRule)

从当前文件或目录移除单个匹配的允许或拒绝审核规则。Removes a single matching allow or deny audit rule from the current file or directory.

(继承自 FileSystemSecurity)
ResetAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除所有访问规则,然后添加指定的访问规则。Removes all access rules in the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object and then adds the specified access rule.

(继承自 CommonObjectSecurity)
ResetAccessRule(FileSystemAccessRule)

将指定的访问控制列表 (ACL) 权限添加到当前文件或目录,并移除所有匹配的 ACL 权限。Adds the specified access control list (ACL) permission to the current file or directory and removes all matching ACL permissions.

(继承自 FileSystemSecurity)
SetAccessRule(AccessRule)

从与此 CommonObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和限定符的所有访问规则,然后添加指定的访问规则。Removes all access rules that contain the same security identifier and qualifier as the specified access rule in the Discretionary Access Control List (DACL) associated with this CommonObjectSecurity object and then adds the specified access rule.

(继承自 CommonObjectSecurity)
SetAccessRule(FileSystemAccessRule)

设置当前文件或目录的指定访问控制列表 (ACL) 权限。Sets the specified access control list (ACL) permission for the current file or directory.

(继承自 FileSystemSecurity)
SetAccessRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的访问规则保护。Sets or removes protection of the access rules associated with this ObjectSecurity object. 父级对象不能通过继承来修改受保护的访问规则。Protected access rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetAuditRule(AuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同的安全性标识符和限定符所有审核规则,然后添加指定的审核规则。Removes all audit rules that contain the same security identifier and qualifier as the specified audit rule in the System Access Control List (SACL) associated with this CommonObjectSecurity object and then adds the specified audit rule.

(继承自 CommonObjectSecurity)
SetAuditRule(FileSystemAuditRule)

设置当前文件或目录的指定审核规则。Sets the specified audit rule for the current file or directory.

(继承自 FileSystemSecurity)
SetAuditRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的审核规则保护。Sets or removes protection of the audit rules associated with this ObjectSecurity object. 不能由通过继承的父级对象修改受保护的审核规则。Protected audit rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetGroup(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的主要组。Sets the primary group for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetOwner(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的所有者。Sets the owner for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[])

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[], AccessControlSections)

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String, AccessControlSections)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)
WriteLock()

锁定此 ObjectSecurity 对象以进行写访问。Locks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)
WriteUnlock()

解锁此 ObjectSecurity 对象以进行写入访问。Unlocks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)

适用于