2

I want to be able to scan all logical drives and get all exe/dll files, in order to output all .net types/classes in all assemblies on the current windows machine regardless of the OS version. I run wINDOWS 7, I have admin rights (checking it in code) and still get access denied for C:\Documents and Settings

What I'm doing wrong?

bool aaa = AmIAdmin();
GetAllNet();

static Dictionary<string, object> GetAllNet()
{
    List<string> binaries = new List<string>();
    string[] drives = Directory.GetLogicalDrives();
    foreach (string dir in drives)
    {
        binaries.AddRange(Directory.GetFiles(dir, "*.dll", SearchOption.AllDirectories));
        binaries.AddRange(Directory.GetFiles(dir, "*.exe", SearchOption.AllDirectories));
    }

    return null;
}
static bool AmIAdmin()
{
    return new WindowsPrincipal(WindowsIdentity.GetCurrent())
                .IsInRole(WindowsBuiltInRole.Administrator);
}
Amit
  • 45,440
  • 9
  • 78
  • 110
Jjyguf
  • 35
  • 3
  • Not exactly a duplicate, but this folder(and few others) are special folders as seen by C#. To see how to get to them, please refer to http://stackoverflow.com/questions/16752534/how-can-i-access-the-documents-and-settings-folder – Paweł Mach Sep 17 '15 at 20:21
  • In this case, he already has the (probably correct) physical path. – Eric J. Sep 17 '15 at 20:22
  • Suggest you post minimal code to reproduce the issue. Have the code check for admin rights (same way your program does), attempt to read the folder in question. That way you can see that the problem is not related to those two things, and others can reproduce the issue. – Eric J. Sep 17 '15 at 20:23

1 Answers1

0

Having admin rights doesn't guarantee access to a specific resource. In fact, it is possible to create an ACL that actively denies access to a resource for the administrator(s) user / group.

What an administrator can do though is take ownership of a resource, and then modify the ACL(s) such that access is available. If you want to do that, you can, but that alters the access rules of your file(s).

Community
  • 1
  • 1
Amit
  • 45,440
  • 9
  • 78
  • 110
  • How to do it and is it applicable to all wINDOWS versions? – Jjyguf Sep 17 '15 at 20:33
  • I *know* it is applicable for windows 98 -> win7, and I'm quite confident it holds true for 8 & 10. Take a look at the linked answer to see how to do it, or look [here](https://support.microsoft.com/en-us/kb/318744). – Amit Sep 17 '15 at 20:39
  • Unless there is a really, really good reason I'd advise against modifying the ACL for every DLL/EXE file on the system and just try running your program "as administrator" (yes, even though you are in the "administrator" group). I can just see this leading to frequent system rebuilds because the original owner of the file is no longer allowed to modify something... – Ron Beyer Sep 17 '15 at 20:47
  • @RonBeyer - Yes, I agree with that discouragement, and I did say that this involves altering file access rules, but there's no other (sensible) way if that really is the requirement. An ussensible way would be to get low level direct byte access to the drive and implementing a file system reader that ignores credentials altogether. – Amit Sep 17 '15 at 20:56
  • Ok, can you show me how to check if read access is available to a file and allow/deny it, so I can read my stuff and than restore the access level – Jjyguf Sep 17 '15 at 21:05
  • No. To system or? I'm not really familiar with that stuff – Jjyguf Sep 17 '15 at 21:09
  • I'm not sure it's "guarantee-able" you'll be able to restore ownership once you take it. It might be that ownership belongs to a SID you won't be able to use (maybe even a remote SID). – Amit Sep 17 '15 at 21:17
  • Ok, how to do it anyway? – Jjyguf Sep 17 '15 at 21:21