• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 521
  • Last Modified:

Unauthorized access

When I run the code below I get an unauthorized access exception. I checked the file permissions and ASPNET user has access rights for the file. What am i doing wrong?
FileSecurity fs = File.GetAccessControl(path); <--ERROR HERE
            fs.SetAccessRuleProtection(false, false);
            File.SetAccessControl(path,fs);

Open in new window

0
YZlat
Asked:
YZlat
  • 4
  • 3
1 Solution
 
Todd GerbertIT ConsultantCommented:
Sure you're running as the user you think you are (i.e. maybe you have impersonation on and are running as the user)?  Try putting a Response.Write(Environment.UserName); in an aspx page somewhere as a test.

I believe you also will need at least traverse rights for any folders in the path, and list files right for the immediately containing folder, and read permissions right for the file itself.
0
 
YZlatAuthor Commented:
Environment.UserName returns ASPNET
0
 
YZlatAuthor Commented:
also if I use File.Exists(path), it returns false even though file does exist. That usually happens when the user does not have sufficient rights, so it's a permissions issue. I just can't figure out what's the problem
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
Todd GerbertIT ConsultantCommented:
Sure that you don't have any overriding "Deny" permissions, and ASPNET has at least "Read Permissions" right?  Can you run the command-line "cacls <path to file>" and post the output?
0
 
YZlatAuthor Commented:
here is the output:

C:\test\MyFile.txt

CHOP-EDU\ASPNET:C
CHOP-EDU\ASPNET:C
CHOP-EDU\myusername:F
BUILTIN\Administrators:F
NT AUTHORITY\SYSTEM:F


C:\>
0
 
Todd GerbertIT ConsultantCommented:
I'm unable to duplicate your issue...

Is it possible the AppPool is running as LOCALUSER\ASPNET but the file's NTFS permissions are for DOMAINUSER\ASPNET?  What's in your web.config?
0
 
YZlatAuthor Commented:
Your comment helped me to find a solution. I forgot to diable anonymous access in IIS
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now