Hi, I'm trying to understand why it apeared in desktop application (C# .Net 3.5) and how to reproduce it to debug:
System.InvalidOperationException: This access control list is not in canonical form and therefore cannot be modified.
at System.Security.AccessControl.CommonAcl.ThrowIfNotCanonical()
at
System.Security.AccessControl.CommonAcl.AddQualifiedAce(SecurityIdentifier
sid, AceQualifier qualifier, Int32 accessMask, AceFlags flags, ObjectAceFlags objectFlags, Guid objectType, Guid inheritedObjectType)
at
System.Security.AccessControl.DiscretionaryAcl.AddAccess(AccessControlType
accessType, SecurityIdentifier sid, Int32 accessMask, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags)
at
System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessContro
lModification modification, AccessRule rule, Boolean& modified)
at
System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule
rule)
Code lines that caused it:
DirectorySecurity directorySecurity = Directory.GetAccessControl(directoryName);
directorySecurity.AddAccessRule(new FileSystemAccessRule(EveryoneGroup, FileSystemRights.FullControl, AccessControlType.Allow));
Directory.SetAccessControl(directoryName, directorySecurity);
FileSecurity fileSecurity = File.GetAccessControl(preferencesLocation);
fileSecurity.AddAccessRule(new FileSystemAccessRule(EveryoneGroup, FileSystemRights.FullControl, AccessControlType.Allow));
File.SetAccessControl(preferencesLocation, fileSecurity);
I know that such error occurs when there is Access Control List in wrong format, there are some posts where you can find how such format should look like. But here, with this method, you don't have any influence on it. So could someone help me to reproduce such exception to debug it or help how to avoid such things in future?
jbk
edit: anybody?