Search the Site

Sponsors

bottom corner

Directory security audit

I was selected for the task of auditing permissions and security on our file system so that we could analyze current practices and plan for potential new implementations. Since the file system was so big, it didn't make sense to go through folder by folder. I wrote this simple program in C#.NET to traverse directories and view the permissions on them.

This page is filed under keyword(s): c#.

First, we will have to add the proper namespaces to our project.

using System.Security.Principal;
using System.Security.AccessControl;

Next we will write a recursive function to traverse the directories in a given parent folder.

private void TraverseDirectories(string srcDir)
{
	string[] subdirEntries = Directory.GetDirectories(srcDir);

	foreach (string subDir in subdirEntries)
	{
		GetDirSecurity(subDir);
		TraverseDirectories(subDir);
	}
}

You will see that in our foreach loop, we call the GetDirSecurity function for each sub directory. Let's take a look at what that function does.

private void GetDirSecurity(string srcDir)
{
	try
	{
		DirectorySecurity ds = Directory.GetAccessControl(srcDir, AccessControlSections.Access);
		AuthorizationRuleCollection arc = ds.GetAccessRules(true,true, typeof(NTAccount));

		foreach (FileSystemAccessRule fsar in arc)
		{
			/*
			HANDLE OUTPUT HERE
			fsar.IdentityReference.Value;
			fsar.FileSystemRights.ToString();
			fsar.AccessControlType.ToString();
			fsar.IsInherited.ToString();
			*/
		}
	}
	catch (Exception e)
	{
		//HANDLE EXCEPTION
	}
}

In the GetDirSecurity function, we pass it the directory that we wish to view the security. It creates a directory security object, then creates a collection of rules from that object. We then loop through the collection and view the rules on the directory object. Enjoy!

Did you find this page useful? Please consider browsing other articles or subscribing to the RSS feed to keep up with latest.

This page is filed under keyword(s): c#.
Author: Brian Sabat
Last updated: 10 Apr 2008

bottom corner