My app is creating a directory so that I can store log files in it. I'm adding user security to the directory, but I don't know how to make it propagate. For example, I'm adding the user everyone to the directory, with read and write access, but when my app then create a log file in this directory, the log file has not inherited the everyone security (read, write).
What am I missing?
DirectorySecurity dirSec = Directory.GetAccessControl(_dbPath);
dirSec.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.Write, AccessControlType.Allow));
dirSec.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.ReadAndExecute, AccessControlType.Allow));
dirSec.AddAccessRule(new FileSystemAccessRule("Everyone", FileSystemRights.CreateFiles, AccessControlType.Allow));
Directory.SetAccessControl(_dbPath, dirSec);
You're almost there. The thing you're missing is the AuthorizationRule.InheritanceFlags flag - by default ACEs aren't inheritable, but if you add the InheritanceFlags attribute the ACEs will become inheritable.