本文共 2993 字，大约阅读时间需要 9 分钟。

using System; using System.Management; using System.Collections; class Tester { public static void Main() { try { ManagementPath path = new ManagementPath( ); path.Server = "."; path.NamespacePath = @"root/cimv2"; path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='c://test'"; // using tmp as folder name ManagementObject lfs = new ManagementObject(path); // Dump all trustees (this includes owner) foreach (ManagementBaseObject b in lfs.GetRelated()) Console.WriteLine("Trustee: {0} /t SID [{1}]", b["AccountName"], b["SID"]); // Get the security descriptor for this object ManagementBaseObject outParams = lfs.InvokeMethod("GetSecurityDescriptor", null, null); if (((uint)(outParams.Properties["ReturnValue"].Value)) == 0) { ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value)); ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value)); DumpACEs(DaclObject); ManagementBaseObject OwnerObject = ((ManagementBaseObject)(Descriptor.Properties["Owner"].Value)); DumpOwnerProperties(OwnerObject.Properties); // Show owner properies } } catch(Exception e) { Console.WriteLine(e); Console.ReadLine(); } } static void DumpACEs(ManagementBaseObject[] DaclObject) { // ACE masks see: winnt.h string[] filedesc = {"FILE_READ_DATA", "FILE_WRITE_DATA", "FILE_APPEND_DATA", "FILE_READ_EA", "FILE_WRITE_EA", "FILE_EXECUTE", "FILE_DELETE_CHILD", "FILE_READ_ATTRIBUTES", "FILE_WRITE_ATTRIBUTES", " ", " ", " ", " ", " ", " ", " ", "DELETE ", "READ_CONTROL", "WRITE_DAC", "WRITE_OWNER", "SYNCHRONIZE ", " ", " "," ", "ACCESS_SYSTEM_SECURITY", "MAXIMUM_ALLOWED", " "," ", "GENERIC_ALL", "GENERIC_EXECUTE", "GENERIC_WRITE","GENERIC_READ"}; foreach(ManagementBaseObject mbo in DaclObject) { Console.WriteLine("-------------------------------------------------"); Console.WriteLine("mask: {0:X} - aceflags: {1} - acetype: {2}", mbo["AccessMask"], mbo["AceFlags"], mbo["AceType"]); // Access allowed/denied ACE if(mbo["AceType"].ToString() == "1") Console.WriteLine("DENIED ACE TYPE"); else Console.WriteLine("ALLOWED ACE TYPE"); // Dump trustees ManagementBaseObject Trustee = ((ManagementBaseObject)(mbo["Trustee"])); Console.WriteLine("Name: {0} - Domain: {1} - SID {2}/n", Trustee.Properties["Name"].Value, Trustee.Properties["Domain"].Value, Trustee.Properties["SIDString"].Value); // Dump ACE mask in readable form UInt32 mask = (UInt32)mbo["AccessMask"]; int[] m = {(int)mask}; BitArray ba = new BitArray(m); int i = 0; IEnumerator baEnum = ba.GetEnumerator(); while ( baEnum.MoveNext() ) { if((bool)baEnum.Current) Console.WriteLine( "/t[{0}]", filedesc[i]); i++; } } } static void DumpOwnerProperties(PropertyDataCollection Owner) { Console.WriteLine("=============== Owner Properties ========================"); Console.WriteLine(); Console.WriteLine("Domain {0} /tName {1}",Owner["Domain"].Value, Owner["Name"].Value); Console.WriteLine("SID /t{0}",Owner["SidString"].Value); Console.ReadLine(); } } //   

转载地址：https://linuxstyle.blog.csdn.net/article/details/1539925 如侵犯您的版权，请留言回复原文章的地址，我们会给您删除此文章，给您带来不便请您谅解！