How do I programmatically change the security attributes of a file so that any user can delete the file

Question

I have a server written in C# that makes use of impersonation.

I would like to know how I can change the security attributes of a file so that any user can delete it

Answer 1

It sounds like you want to use the System.IO.File.SetAccessControl method to add an ACL that gives the built-in "Everyone" group the ability to delete the file. The MSDN documentation has a decent sample of adding and removing ACL records on a file.

Answer 2

Instead of allowing everyone delete the file, why not add entries for just the people who need to delete the file. Based on your post, that would likely be your user account and the originating process. Allowing literally everyone to delete the file opens yourself up to security problems down the road.

public static void AllowIdentityToDelete(FileInfo file, string identity)
{
    var rule = new FileSystemAccessRule(
        identity,
        FileSystemRights.Delete | FileSystemRights.DeleteSubdirectoriesAndFiles,
        AccessControlType.Allow);

    var acls = file.GetAccessControl();
    acls.AddAccessRule(rule);
    file.SetAccessControl(acls);
}

You'll need to pass in the proper Identity for the user in question.