8

Before I pull out the rest of my hair I'd like to get some input on this.
I'm trying to take ownership of a folder. I'm running the program as administrator of course and I do have rights to take ownership since I can change the owner in explorer.

I can however change the owner if either administrator or my account owns it, and I can change permissions if I already have ownership.
If I try to give myself ownership of a file, lets say owned by SYSTEM, then I get an unauthorizedexception.

I've tried some different things with the accesscontrol methods but nothing works, this latest method I think is directly by the book.

        private static void makePerm(string file, NTAccount account)
    {
        FileInfo finfo = new FileInfo(file);
        FileSecurity fsecurity = finfo.GetAccessControl();
        //also tried it like this //fsecurity.ResetAccessRule(new FileSystemAccessRule(string.Format(@"{0}\{1}", Environment.UserDomainName.ToString(), Environment.UserDomainName.ToString()), FileSystemRights.FullControl, AccessControlType.Allow));
        fsecurity.SetOwner(account);
        finfo.SetAccessControl(fsecurity);
    }

I'm trying this on Windows 7 btw.
What am I missing here?

apaderno
  • 26,733
  • 16
  • 74
  • 87
Steinthor.palsson
  • 5,916
  • 13
  • 41
  • 51

2 Answers2

12

I had the same problem and just posting here for anybody else who may come here searching like me:

You need to explicitly enable SeTakeOwnershipPrivilege in code as Luke mentions above. I found this Process Privileges to be really helpful dealing with this sort of thing.

Here is how it fixed my code:

using System;
using System.Diagnostics;

// ...
using (new ProcessPrivileges.PrivilegeEnabler(Process.GetCurrentProcess(), Privilege.TakeOwnership))
{
    directoryInfo = new DirectoryInfo(path);
    directorySecurity = directoryInfo.GetAccessControl();

    directorySecurity.SetOwner(WindowsIdentity.GetCurrent().User);
    Directory.SetAccessControl(path, directorySecurity);    
}
umlcat
  • 3,993
  • 3
  • 18
  • 28
Maverik
  • 5,549
  • 36
  • 46
  • 1
    I know it is a bit old, but I was facing the same issue. Thanks for sharing the solution, it worked perfectly for me with an adaption. In case someone wants to make someone else the owner: You will then also need the privilege Privilege.Restore. Before you will be able to change the owner. And if you want to take the ownership, you might first need to create a new FileSecurity object, take ownership and then go on from there: `var fileSecurity = new FileSecurity();` `fileSecurity.SetOwner(_owner);` `File.SetAccessControl(file, fileSecurity);` – philip Aug 19 '14 at 15:54
1

Did you elevate your process via UAC first? On Windows 7, without UAC escalation, your process is running with the lower privileged token.

pjulien
  • 1,349
  • 10
  • 14