C # create a file so that only the user who created the file can access it

Question

C # create a file so that only the user who created the file can access it

I need to create a file that will be used to store sensitive data; the goal is to end up with an ACL that restricts access to the domain \ user running at creation time. But by default, apparently, unrestricted access is also allowed for SYSTEM and for the administrator.

Two questions: firstly, is there anything in Windows or .NET that breaks badly if the System and the Administrator are denied access to the file?

Secondly, from C #, how can I get the necessary permissions? I'm just doing File.Create ("myFile.dat") right now; obviously the version of the API is not the one I should use. I found a very complex alternative, but it seems that I am assuming that I know the current domain name and username; what is really the only way to do this?

Thank!

+3

c # file

user736661 May 03 '11 at 17:54

source share

4 answers

, .

, , . , . , , , , ( , ). SYSTEM , - ?

, ", ". , .

+2

Chad 03 '11 18:03

, , , . .

System.Io.File.Create. System.Security.AccessControl.FileSecurity. .

+2

Jonathan Henson 03 '11 18:08

Why don’t you use the symmetric encryption method and save the key for each user in the database or in the registry?

0

Dabbas May 03 '11 at 18:18

source share

RMD · Accepted Answer · 2011-05-03T18:50:09+0000

I suggest you familiarize yourself with the encrypted file system. It is built into XP Pro, Vista, and Windows 7. (as well as server products.)

, . , (, , ), . , .

System.IO.File.Encrypt/Decrypt . , , . . .

, - ( ) , , .

C # create a file so that only the user who created the file can access it

More articles: