8

我正在尝试获取文件的所有权并通过 C# 将其删除。该文件是 iexplorer.exe,默认为当前所有者 - TrustedInstaller。FileSecurity.SetOwner 方法似乎设置了指定的所有权,但实际上并没有改变初始所有者并且没有抛出异常。显然,下一次删除文件的尝试会引发异常。应该在代码中进行哪些更改以获取文件的所有权并将其删除?

var fileS = File.GetAccessControl(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");
fileS.SetOwner(new System.Security.Principal.NTAccount(Environment.UserDomainName, Environment.UserName));
File.Delete(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");
4

4 回答 4

6

您必须明确启用SeTakeOwnershipPrivilege

需要获得对象的所有权而不被授予任意访问权限。此特权允许所有者值仅设置为持有者可以合法分配为对象所有者的那些值。用户权利:取得文件或其他对象的所有权。

我建议您阅读 Mark Novak 撰写的精彩文章:在托管代码中可靠、安全和高效地操纵权限

和/或看看他的样本

更新

示例用法:

var fileS = File.GetAccessControl(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");

Privilege p;
bool ownerChanged = false;
try
{
    p = new Privilege(Privilege.TakeOwnership);
    p.Enable();

    fileS.SetOwner(new System.Security.Principal.NTAccount(
        Environment.UserDomainName, Environment.UserName));

    ownerChanged = true;
}
catch(PrivilegeNotHeldException e)
{
   // privilege not held
   // TODO: show an error message, write logs, etc.
}
finally
{
    p.Revert();
}

if (ownerChanged)
    File.Delete(@"C:\Program Files (x86)\Internet Explorer\iexplore.exe");
于 2012-10-21T16:06:40.737 回答
4 
        string filepath = @"C:\Program Files (x86)\Internet Explorer\iexplore.exe";

        //Get Currently Applied Access Control
        FileSecurity fileS = File.GetAccessControl(filepath);

        //Update it, Grant Current User Full Control
        SecurityIdentifier cu = WindowsIdentity.GetCurrent().User;
        fileS.SetOwner(cu);
        fileS.SetAccessRule(new FileSystemAccessRule(cu, FileSystemRights.FullControl, AccessControlType.Allow));

        //Update the Access Control on the File
        File.SetAccessControl(filepath, fileS);

        //Delete the file
        File.Delete(filepath);

添加以下导入

        using System.IO;
        using System.Security.AccessControl;
        using System.Security.Principal;

在提升模式下运行代码。

于 2013-11-06T16:12:53.967 回答
1

使用示例中的类权限在 Windows 8.1 中提供支持: 可靠、安全和高效地操作托管代码中的权限

    private bool TryDeleteFile(string fileName)
    {
        string filePath = Path.GetFullPath(fileName);
        var fi = new FileInfo(filePath);

        bool ownerChanged = false;
        bool accessChanged = false;
        bool isDelete = false;

        FileSecurity fs = fi.GetAccessControl();
        Privilege p = new Privilege(Privilege.TakeOwnership);

        try
        {
            p.Enable();
            fs.SetOwner(WindowsIdentity.GetCurrent().User);
            File.SetAccessControl(filePath, fs); //Update the Access Control on the File
            ownerChanged = true;
        }
        catch (PrivilegeNotHeldException ex) { }
        finally { p.Revert(); }

        try
        {
            fs.SetAccessRule(new FileSystemAccessRule(WindowsIdentity.GetCurrent().User, FileSystemRights.FullControl, AccessControlType.Allow));
            File.SetAccessControl(filePath, fs);
            accessChanged = true;
        }
        catch (UnauthorizedAccessException  ex) { }

        if (ownerChanged && accessChanged)
        {
            try
            {
                fi.Delete();
                isDelete = true;
            }
            catch (Exception ex) {  }
        }

        return isDelete;
    }
于 2015-02-11T05:33:02.007 回答
0

请参阅这些注册表项以添加上下文菜单。我能够在 Windows 7 上重命名文件夹以及 iexplorer_OFF.exe。您可能可以从您的代码中外壳/执行相同的内容。

https://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

于 2020-03-15T13:44:12.770 回答