Create Directory

J

John

Hello,

I am having a permissions problem when creating a directory. The relevant
bits of my code look like this:

// impersonate current user:
WindowsIdentity ident = (WindowsIdentity)
HttpContext.Current.User.Identity;
_context = ident.Impersonate();
_name = ident.Name;
_isauth = ident.IsAuthenticated;
_authtype = ident.AuthenticationType;

// create the directory
// I've also tried using DirectoryInfo.Create()
Directory.CreateDirectory(directoryName);

// restore current (aspnet) identity:
_context.Undo();

If "directoryname" is "e:\inetpub\wwwroot\unittests\createdirectory\New" I
am getting the error Could not find a part of the path "e:\".

If I grant this user access to the root of my "e" drive then it works
fine. However, doing this is a security risk (and also, to me, seems
completely unnecessary).

Does anyone know why this happens and if there is a sensible way round
it? Is this a .net bug?

Any help would be very much appreciated as I am completely stumped!

Thanks,

John
 
J

John

I am having a permissions problem when creating a directory. The
relevant bits of my code look like this:

<<SNIPPED>>

If "directoryname" is "e:\inetpub\wwwroot\unittests\createdirectory\New"
I am getting the error Could not find a part of the path "e:\".

If I grant this user access to the root of my "e" drive then it works
fine. However, doing this is a security risk (and also, to me, seems
completely unnecessary).

Does anyone know why this happens and if there is a sensible way round
it? Is this a .net bug?
Click to expand...

Is the only way round this really to grant read directory permissions for
the user on the root of the drive?

This seems very odd to me. Has no one else come across this before?

Thanks,

John
 
D

Dmitry Kulakovsky

This is a relatively known .NET bug or "feature"...



Both Directory.CreateDirectory(path) and
DirectoryInfo.CreateSubdirectory(path) require user to have Read access to
the drive's root directory (i.e. <Drive>:\).



Many ASP.NET hosting providers (especially those running Windows 2003
Server) will not allow user running ASP.NET worker process read access to
the root folder, so CreateDirectory will always fail. You can not blame
hosting providers - they do right thing, securing shared environment from
users with malicious intents.



The only workaround I have found is to replace call to
Directory.CreateDirectory() with call to unmanaged code, like msvcrt's
_mkdir(char*):



[DllImport("msvcrt.dll", SetLastError=true)]

static extern int _mkdir(string path);



....

//replace call to Directory.CreateDirectory with:

_mkdir(newDirectory);

....



This will work only if your code is granted "Allow Calls to Unmanaged Code"
permission but most hosting environments allow that.



You can find more details in my recent Blog entry at
http://hatka.net/wlogdev/archive/2004/08/29/178.aspx



Dmitry Kulakovsky
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

connecting problem in vb.net with ldap to active directory 1
Create folder with only read permission 0
Create users account and home directory on a FTP server at runtime 0
Active Directory Access from a Web App 1
Sitemap trimming with Forms auth (Active Directory) 4
Can't include virtual directory 4
no permission to create directory 2
Impersonation using WindowsIdentity( upn ) ctor 6

Members online

Total: 28 (members: 2, guests: 26)
Robots: 86

Forum statistics

Threads
473,780
Messages
2,569,611
Members
45,270
Latest member
TopCryptoTwitterChannels_

Latest Threads

Top