Create Directory

[John]

Hello,

I am having a permissions problem when creating a directory. The relevant
bits of my code look like this:

// impersonate current user:
WindowsIdentity ident = (WindowsIdentity)
HttpContext.Current.User.Identity;
_context = ident.Impersonate();
_name = ident.Name;
_isauth = ident.IsAuthenticated;
_authtype = ident.AuthenticationType;

// create the directory
// I've also tried using DirectoryInfo.Create()
Directory.CreateDirectory(directoryName);

// restore current (aspnet) identity:
_context.Undo();

If "directoryname" is "e:\inetpub\wwwroot\unittests\createdirectory\New" I
am getting the error Could not find a part of the path "e:\".

If I grant this user access to the root of my "e" drive then it works
fine. However, doing this is a security risk (and also, to me, seems
completely unnecessary).

Does anyone know why this happens and if there is a sensible way round
it? Is this a .net bug?

Any help would be very much appreciated as I am completely stumped!

Thanks,

John

 

[John]

I am having a permissions problem when creating a directory. The
relevant bits of my code look like this:

<<SNIPPED>>

If "directoryname" is "e:\inetpub\wwwroot\unittests\createdirectory\New"
I am getting the error Could not find a part of the path "e:\".

If I grant this user access to the root of my "e" drive then it works
fine. However, doing this is a security risk (and also, to me, seems
completely unnecessary).

Does anyone know why this happens and if there is a sensible way round
it? Is this a .net bug?

Is the only way round this really to grant read directory permissions for
the user on the root of the drive?

This seems very odd to me. Has no one else come across this before?

Thanks,

John

 

[Dmitry Kulakovsky]

This is a relatively known .NET bug or "feature"...



Both Directory.CreateDirectory(path) and
DirectoryInfo.CreateSubdirectory(path) require user to have Read access to
the drive's root directory (i.e. <Drive>:\).



Many ASP.NET hosting providers (especially those running Windows 2003
Server) will not allow user running ASP.NET worker process read access to
the root folder, so CreateDirectory will always fail. You can not blame
hosting providers - they do right thing, securing shared environment from
users with malicious intents.



The only workaround I have found is to replace call to
Directory.CreateDirectory() with call to unmanaged code, like msvcrt's
_mkdir(char*):



[DllImport("msvcrt.dll", SetLastError=true)]

static extern int _mkdir(string path);



....

//replace call to Directory.CreateDirectory with:

_mkdir(newDirectory);

....



This will work only if your code is granted "Allow Calls to Unmanaged Code"
permission but most hosting environments allow that.



You can find more details in my recent Blog entry at
http://hatka.net/wlogdev/archive/2004/08/29/178.aspx



Dmitry Kulakovsky