Solved

Unauthorized access

Posted on 2011-03-17
7
505 Views
Last Modified: 2012-05-11
When I run the code below I get an unauthorized access exception. I checked the file permissions and ASPNET user has access rights for the file. What am i doing wrong?
FileSecurity fs = File.GetAccessControl(path); <--ERROR HERE
            fs.SetAccessRuleProtection(false, false);
            File.SetAccessControl(path,fs);

Open in new window

0
Comment
Question by:YZlat
  • 4
  • 3
7 Comments
 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 35159732
Sure you're running as the user you think you are (i.e. maybe you have impersonation on and are running as the user)?  Try putting a Response.Write(Environment.UserName); in an aspx page somewhere as a test.

I believe you also will need at least traverse rights for any folders in the path, and list files right for the immediately containing folder, and read permissions right for the file itself.
0
 
LVL 35

Author Comment

by:YZlat
ID: 35159818
Environment.UserName returns ASPNET
0
 
LVL 35

Author Comment

by:YZlat
ID: 35159844
also if I use File.Exists(path), it returns false even though file does exist. That usually happens when the user does not have sufficient rights, so it's a permissions issue. I just can't figure out what's the problem
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 33

Expert Comment

by:Todd Gerbert
ID: 35160038
Sure that you don't have any overriding "Deny" permissions, and ASPNET has at least "Read Permissions" right?  Can you run the command-line "cacls <path to file>" and post the output?
0
 
LVL 35

Author Comment

by:YZlat
ID: 35160296
here is the output:

C:\test\MyFile.txt

CHOP-EDU\ASPNET:C
CHOP-EDU\ASPNET:C
CHOP-EDU\myusername:F
BUILTIN\Administrators:F
NT AUTHORITY\SYSTEM:F


C:\>
0
 
LVL 33

Accepted Solution

by:
Todd Gerbert earned 500 total points
ID: 35164771
I'm unable to duplicate your issue...

Is it possible the AppPool is running as LOCALUSER\ASPNET but the file's NTFS permissions are for DOMAINUSER\ASPNET?  What's in your web.config?
0
 
LVL 35

Author Closing Comment

by:YZlat
ID: 35165127
Your comment helped me to find a solution. I forgot to diable anonymous access in IIS
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
A short film showing how OnPage and Connectwise integration works.
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now