I wrote a code that wonderfully recognizes the current owner of the file, but doesn’t want to change it to any other. Judging by MSDN, everything is spelled out as it should. But does not work.

Here is the code:

using System; using System.IO; using System.Security.Principal; namespace GET_SET_OWNER { class Program { public static bool GetOwner(string File_UNC) { Console.WriteLine("Текущий владелец:"); var File_Security = File.GetAccessControl(File_UNC); var SID = File_Security.GetOwner(typeof(SecurityIdentifier)); Console.WriteLine(SID); var Owner = SID.Translate(typeof(NTAccount)); Console.WriteLine(Owner); return true; } public static bool SetOwner(string File_UNC) { Console.WriteLine(Environment.NewLine + "Задаем нового владельца..." + Environment.NewLine); var New_Owner = new NTAccount("Home", "Браток"); var File_Security = File.GetAccessControl(File_UNC); File_Security.SetOwner(New_Owner); try { File.SetAccessControl(File_UNC, File_Security); } catch (InvalidOperationException) { return false; } return true; } static void Main(string[] args) { const string File_UNC = @"D:\1.txt"; bool res_1 = false, res_2 = false, res_3 = false; res_1 = GetOwner(File_UNC); res_2 = SetOwner(File_UNC); res_3 = GetOwner(File_UNC); Console.WriteLine("{0} {1} {2}", res_1, res_2, res_3); Console.ReadLine(); } } }

Does anyone have any ideas? The SetOwner function on each attempt to change the current owner issues System.InvalidOperationException: The security identifier is not allowed to own this object and returns false . In this case, if you change the owner of the file to the current one, that is, for example, (User) is the current owner, change to (User), the function does its work and returns true .

In the case where the current owner of the file is the Matrix , the program copes with the task and changes the owner to any other in the system. That is, changing the owner from Brother to User is not a problem. The problem is to carry out an operation to change the owner from User to Brother .

  • And what result SetOwner return? - VladD
  • four
    rights to change the owner needs rights. In most cases - admin rights. - rdorn
  • @ E.Zubkov: And what exactly does it return, false or true , are we allowed to guess? - VladD
  • @VladD I do not understand the question. If the owner is successfully changed, it returns true , otherwise an option is detected and false is returned. - E. Zubkov
  • 2
    @ E.Zubkov: Okay, then let me answer your question literally. Yes, there are ideas. - VladD

1 answer 1

Good questions are rare.

The problem is this. In order to become the owner of the file system object, the user must have the right to become the owner or to be an administrator. If the conditions are met, the user can designate himself and only himself as the owner of the FS object.

In order to designate another user as an owner, we need the rights to restore the filesystem objects. By default, these rights are disabled even for the administrator. Actually, that's why you manage to reassign the owner to yourself and it does not work the other way around.

Actually the solution to the problem is to assign the process or user, on whose behalf the process is launched, the right to restore FS objects.

The information on this topic is 5-7 years old, but it seems that so far nothing has changed and .NET does not provide the means to obtain these rights, but you can use WinAPI tools. One of these solutions is often referred to in the salamandersoft blog as well as in the answer @VladD here

  • @VladD how could I forget about this discussion, although I did not participate in it, but I watched carefully. I repent, added the link. - rdorn
  • Thank! ( blushed ) - VladD
  • Thanks for the detailed explanation! I will fix the problem. - E. Zubkov