Set Write Permissions for a Group - VB.NET

Hi Experts Exchange!

I'm trying to do something that seems pretty simple to me, however, after a couple hours of research I can't seem to find exactly what I need.

I'm creating an xml file, to store some settings, in the [My.Computer.FileSystem.SpecialDirectories.AllUsersApplicationData] directory of windows.  The file is created without any problems, however, the "Users" group is only given Read & Excecute permissions to the file.  So, when another user runs my program and attempts to modify the the .xml file, a security permissions error is thrown.  

Here's what I need to do...
I need to change the file's permissions for the "Users" group, and allow write access to the .xml file.  I'd also like to do this immediately after the file's creation.

Just an FYI; this in no way creates any security threat for my application.  Not only is my .xml file encrypted, but the settings stored inside the .xml file are of an inconsequential nature.  It's encrypted simply for the peace of mind associated with basic security through obfuscation.

That's pretty straight forward right?  I'm sure plenty of you guys have changed windows security permissions at the group level before.

A note...I did try assigning the attribute <PermissionSetAttribute(SecurityAction.Demand, Name:="FullTrust")> to my methods, however this was not successful.

If you have any questions, please feel free to ask away!

Much thanks!   =)
OFGeminiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

grayeCommented:
Here is an example of doing precisely that...
You'd use it like this:
Imports System.Security.AccessControl
            Dim domainSid As New Security.Principal.SecurityIdentifier("S-1-0-0")
            Dim Users As New Security.Principal.SecurityIdentifier(Security.Principal.WellKnownSidType.BuiltinUsersSid, domainSid)
            AddFileSecurity(wp_file, Users, FileSystemRights.Modify, AccessControlType.Allow)

Imports System.Security.AccessControl
Imports System.Security.Principal
 
    '
    ' Adds an ACL entry on the specified file for the specified account.
    '
    Public Sub AddFileSecurity(ByVal fileName As String, ByVal account As SecurityIdentifier, ByVal rights As FileSystemRights, ByVal controlType As AccessControlType)
        ' Get a FileSecurity object that represents the current security settings.
        Dim fSecurity As FileSecurity = File.GetAccessControl(fileName)
 
        ' Create a new rule
        Dim accessRule As New FileSystemAccessRule(account, rights, controlType)
 
        ' Add the FileSystemAccessRule to the security settings. 
        fSecurity.AddAccessRule(accessRule)
 
        ' Set the new access settings.
        File.SetAccessControl(fileName, fSecurity)
    End Sub

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.