Use SID S-1-1-0 instead of EVERYONE for non-english systems

pull/2/head
Mark McDowall 12 years ago
parent d8da292516
commit 4d65f05000

@ -4,6 +4,7 @@ using System.IO;
using System.Linq; using System.Linq;
using System.Runtime.InteropServices; using System.Runtime.InteropServices;
using System.Security.AccessControl; using System.Security.AccessControl;
using System.Security.Principal;
using NLog; using NLog;
using NzbDrone.Common.EnsureThat; using NzbDrone.Common.EnsureThat;
using NzbDrone.Common.EnvironmentInfo; using NzbDrone.Common.EnvironmentInfo;
@ -38,7 +39,7 @@ namespace NzbDrone.Common
void FolderSetLastWriteTimeUtc(string path, DateTime dateTime); void FolderSetLastWriteTimeUtc(string path, DateTime dateTime);
bool IsFileLocked(FileInfo file); bool IsFileLocked(FileInfo file);
string GetPathRoot(string path); string GetPathRoot(string path);
void SetPermissions(string filename, string account, FileSystemRights rights, AccessControlType controlType); void SetPermissions(string filename, WellKnownSidType accountSid, FileSystemRights rights, AccessControlType controlType);
bool IsParent(string parentPath, string childPath); bool IsParent(string parentPath, string childPath);
FileAttributes GetFileAttributes(string path); FileAttributes GetFileAttributes(string path);
} }
@ -243,7 +244,6 @@ namespace NzbDrone.Common
break; break;
} }
} }
} }
} }
@ -403,17 +403,16 @@ namespace NzbDrone.Common
return Path.GetPathRoot(path); return Path.GetPathRoot(path);
} }
public void SetPermissions(string filename, string account, FileSystemRights rights, AccessControlType controlType) public void SetPermissions(string filename, WellKnownSidType accountSid, FileSystemRights rights, AccessControlType controlType)
{ {
try try
{ {
var sid = new SecurityIdentifier(accountSid, null);
var directoryInfo = new DirectoryInfo(filename); var directoryInfo = new DirectoryInfo(filename);
var directorySecurity = directoryInfo.GetAccessControl(); var directorySecurity = directoryInfo.GetAccessControl();
var accessRule = new FileSystemAccessRule(account, rights, var accessRule = new FileSystemAccessRule(sid, rights,
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
PropagationFlags.None, controlType); PropagationFlags.None, controlType);
@ -423,7 +422,7 @@ namespace NzbDrone.Common
} }
catch (Exception e) catch (Exception e)
{ {
Logger.WarnException(string.Format("Couldn't set permission for {0}. account:{1} rights:{2} accessControlType:{3}", filename, account, rights, controlType), e); Logger.WarnException(string.Format("Couldn't set permission for {0}. account:{1} rights:{2} accessControlType:{3}", filename, accountSid, rights, controlType), e);
throw; throw;
} }

@ -2,6 +2,7 @@
using System.IO; using System.IO;
using System.Reflection; using System.Reflection;
using System.Security.AccessControl; using System.Security.AccessControl;
using System.Security.Principal;
using NLog; using NLog;
namespace NzbDrone.Common.EnvironmentInfo namespace NzbDrone.Common.EnvironmentInfo
@ -47,7 +48,7 @@ namespace NzbDrone.Common.EnvironmentInfo
{ {
try try
{ {
_diskProvider.SetPermissions(AppDataFolder, "Everyone", FileSystemRights.FullControl, AccessControlType.Allow); _diskProvider.SetPermissions(AppDataFolder, WellKnownSidType.WorldSid, FileSystemRights.FullControl, AccessControlType.Allow);
} }
catch (Exception ex) catch (Exception ex)
{ {

@ -35,7 +35,7 @@ namespace NzbDrone.Host.AccessControl
private void RegisterUrl(int portNumber) private void RegisterUrl(int portNumber)
{ {
var arguments = String.Format("http add urlacl http://*:{0}/ user=EVERYONE", portNumber); var arguments = String.Format("http add urlacl http://*:{0}/ sddl=D:(A;;GX;;;S-1-1-0)", portNumber);
RunNetsh(arguments); RunNetsh(arguments);
} }

Loading…
Cancel
Save