(C#) How do you check if a path is a protected path in Windows that requires elevation to modify?

Question

We have a folder where our app will be potentially reading, writing and creating/deleting files on, and while we can default to a safe location, we allow the user to select a different directory. How can we check if the directory they select is "safe"?

We'd like to not require admin elevation at runtime, and this path will be used for subsequent launches of the app, so it is not enough that we check whether our process is currently able to write to that location because it could be that the app is launched with admin privileges the first time (actually it does when launched by the installer because the installer runs elevated) and if they select a protected location, the next time they try to run the app, they won't have access to the directory. Potentially GB's of Persistent data is stored in this location so asking for a new location and moving the files isn't an ideal solution.

Answer 1

Since any folder can have permissions set however the administrator sees fit, the only real way to find out is to know what user it will be running as (currently logged in user?) and then do an access check to see if that user has the appropriate access to that directory.

Answer 2

Not only can any folder have any permissions, but they can change at any time, including between when you check a file and when you use it. So really, the only thing you can do is just use a file and handle the exception when it fails.

Answer 3

The other advice about permissions changing at anytime is valid, but checking at install time is still better than not checking at all.

Since the first run will be elevated, what you probably want to do is launch a seperate non-elevated process to test the location, and then the original instance can proceed knowing that the location will work unless/until someone else changes the permissions.