Setting Windows file security

后端未结

关注

 2  1681

My problem is the opposite that most people have. I\'m generating files locally in C#, but I want them to be marked as blocked. So when a user opens them in an app

相关标签:

2条回答

失恋的感觉

2020-12-19 13:33

You need to write the alternate data stream yourself.

To do this, open the file with CreateFile and write the text using FileStream. Here is a simple exemple that works (tried on my computer).

[DllImport("kernel32", CharSet = CharSet.Unicode, SetLastError = true)] 
private static extern SafeFileHandle CreateFile(
string name, FileAccess access, FileShare share,
IntPtr security,
FileMode mode, FileAttributes flags,
IntPtr template);

    public static void Main()
    {
        // Opens the ":Zone.Identifier" alternate data stream that blocks the file
        using (SafeFileHandle handle = CreateFile(@"\\?\C:\Temp\a.txt:Zone.Identifier", FileAccess.ReadWrite, FileShare.None, IntPtr.Zero, FileMode.OpenOrCreate, FileAttributes.Normal, IntPtr.Zero))
        {
            // Here add test of CreateFile return code
            // Then :

            using (StreamWriter writer = new StreamWriter(new FileStream(handle, FileAccess.ReadWrite), Encoding.ASCII))
            {
                writer.WriteLine("[ZoneTransfer]");
                writer.WriteLine("ZoneId=3");
            }
        }

0 讨论(0)

猫巷女王i

2020-12-19 13:36

You can also use the PersistZoneIdentifier object instead of writing the alternative data stream directly.

More information here: http://blogs.msdn.com/b/oldnewthing/archive/2013/11/04/10463035.aspx and here: https://github.com/citizenmatt/UnblockZoneIdentifier

using System;
using System.Runtime.InteropServices;
using System.Runtime.InteropServices.ComTypes;

namespace ConsoleApplication3
{
    public enum URLZONE : uint
    {
        URLZONE_LOCAL_MACHINE = 0,
        URLZONE_INTRANET = 1,
        URLZONE_TRUSTED = 2,
        URLZONE_INTERNET = 3,
        URLZONE_UNTRUSTED = 4,
    }

    [ComImport]
    [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
    [Guid("cd45f185-1b21-48e2-967b-ead743a8914e")]
    public interface IZoneIdentifier
    {
        URLZONE GetId();
        void SetId(URLZONE zone);
        void Remove();
    }

    class Program
    {
        static void Main(string[] args)
        {
            object persistZoneId = Activator.CreateInstance(Type.GetTypeFromCLSID(Guid.Parse("0968e258-16c7-4dba-aa86-462dd61e31a3")));
            IZoneIdentifier zoneIdentifier = (IZoneIdentifier)persistZoneId;
            IPersistFile persisteFile = (IPersistFile)persistZoneId;
            zoneIdentifier.SetId(URLZONE.URLZONE_UNTRUSTED);
            persisteFile.Save(@"c:\temp\test.txt", false);
        }
    }
}

0 讨论(0)