0

I have a requirement to create a directory on my applications server which is secure to all, but the application itself.

I have read this article

System.IO.Directory.CreateDirectory with permissions for only this current user?

Converting to VB, the code it suggests is:

Dim ds As New DirectorySecurity()
Dim sid As New SecurityIdentifier(WellKnownSidType.CreatorOwnerSid, Nothing)
Dim ace As New FileSystemAccessRule(sid,
        FileSystemRights.FullControl,
        AccessControlType.Allow)
ds.AddAccessRule(ace)

Directory.CreateDirectory(Dir, ds)

But when I follow that code instruction there, I cannot add files to the directory I have created.

I am guessing I should change the value of WellKnownSidType but I do not know what to!

To recap - what I need is a directory which my application can read and write to, but a user cannot access from a web browser to download any content.

Any help much appreciated!

Community
  • 1
  • 1
Jamie Hartnoll
  • 7,231
  • 13
  • 58
  • 97
  • Can't you just create the folder outside of the web structure? For example, if your IIS site lives at `C:\inetpub\wwwroot`, create your folder at `C:\inetpub\HiddenFolder`. This would keep your files from being accessible through the browser. – InbetweenWeekends Oct 14 '14 at 12:48
  • I dare say I could, but it's on shared hosting (which might not matter) and also has multiple users, each having their own version fot eh folder so I am trying to keep it within a User Resources root directory. – Jamie Hartnoll Oct 14 '14 at 13:19
  • What about this, then? http://stackoverflow.com/questions/3776847/how-to-restrict-folder-access-in-asp-net – InbetweenWeekends Oct 14 '14 at 13:40

0 Answers0