using?Microsoft.Win32;

using?System;

using?System.Collections.Generic;

using?System.ComponentModel;

using?System.Data;

using?System.Drawing;

using?System.IO;

using?System.Linq;

using?System.Security.AccessControl;

using?System.Text;

using?System.Threading.Tasks;

using?System.Windows.Forms;

?

namespace?WindowsFormsApp2

{

????public?partial?class?Form1?: Form

????{

????????public?Form1()

????????{

????????????InitializeComponent();

????????}

????????///?<summary>

????????///?獲取系統(tǒng)Chrome的安裝路徑

????????///?</summary>

????????///?<param name="exeName">chrome.exe</param>

????????///?<returns>string 程序所在字符串</returns>

????????public?string?GetChromeUpdatePath()

????????{

????????????try

????????????{

????????????????string?App = "chrome.exe";

????????????????RegistryKey regKey = Registry.CurrentUser;

????????????????RegistryKey regSubKey = regKey.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\"?+ App, false);

????????????????object?objResult = regSubKey.GetValue(string.Empty);

????????????????RegistryValueKind regValueKind = regSubKey.GetValueKind(string.Empty);

????????????????if?(regValueKind == Microsoft.Win32.RegistryValueKind.String)

????????????????{

????????????????????string?strChromePath=objResult.ToString();

????????????????????int?pos = strChromePath.IndexOf(@"\Google\");

????????????????????string?strGooglePosition = strChromePath.Substring(0, pos + 7) + @"\Update";

????????????????????return?strGooglePosition;

????????????????}

????????????????return?"";

????????????}

????????????catch

????????????{

????????????????return?"";

????????????}

????????}

?

????????///?<summary>

????????///?讓文件夾權(quán)限最小化，限制其更新和執(zhí)行

????????///?</summary>

????????///?<param name="filePath"></param>

????????static?void?AddSecurityControll2File(string?filePath)

????????{

?

????????????//獲取文件信息

????????????FileInfo fileInfo = new?FileInfo(filePath);

????????????//獲得該文件的訪問(wèn)權(quán)限

????????????System.Security.AccessControl.FileSecurity fileSecurity = fileInfo.GetAccessControl();

????????????//移除用戶組的訪問(wèn)權(quán)限規(guī)則

????????????fileSecurity.RemoveAccessRule(new?FileSystemAccessRule(@"Administrator", FileSystemRights.FullControl, AccessControlType.Allow));

????????????//添加用戶組的訪問(wèn)權(quán)限規(guī)則

????????????fileSecurity.AddAccessRule(new?FileSystemAccessRule(@"Administrator", FileSystemRights.Modify, AccessControlType.Deny));

????????????fileSecurity.AddAccessRule(new?FileSystemAccessRule(@"Everyone", FileSystemRights.Modify, AccessControlType.Deny));

?

????????????//設(shè)置訪問(wèn)權(quán)限

????????????fileInfo.SetAccessControl(fileSecurity);

????????}

????????///?<summary>

????????///讓文件權(quán)限最小化，限制其更新和執(zhí)行

????????///?</summary>

????????///?<param name="dirPath"></param>

????????static?void?AddSecurityControll2Folder(string?dirPath)

????????{

????????????//獲取文件夾信息

????????????DirectoryInfo dir = new?DirectoryInfo(dirPath);

????????????//獲得該文件夾的所有訪問(wèn)權(quán)限

????????????System.Security.AccessControl.DirectorySecurity dirSecurity = dir.GetAccessControl(AccessControlSections.All);

????????????//設(shè)定文件ACL繼承

????????????InheritanceFlags inherits = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;

????????????//Administrator用戶組的訪問(wèn)權(quán)限規(guī)則限制(權(quán)限最小化)

????????????FileSystemAccessRule AdministratorFileSystemAccessRuleAllow = new?FileSystemAccessRule("Administrator", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Allow);

????????????FileSystemAccessRule AdministratorFileSystemAccessRuleDeny = new?FileSystemAccessRule("Administrator", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Deny);

????????????FileSystemAccessRule EveryoneFileSystemAccessRuleDeny = new?FileSystemAccessRule("Everyone", FileSystemRights.FullControl, inherits, PropagationFlags.None, AccessControlType.Deny);

?

????????????bool?isModified = false;

????????????dirSecurity.ModifyAccessRule(AccessControlModification.Remove, AdministratorFileSystemAccessRuleAllow, out?isModified);

????????????dirSecurity.ModifyAccessRule(AccessControlModification.Add, AdministratorFileSystemAccessRuleDeny, out?isModified);

????????????dirSecurity.ModifyAccessRule(AccessControlModification.Add, EveryoneFileSystemAccessRuleDeny, out?isModified);

?

?

?

????????????//設(shè)置訪問(wèn)權(quán)限

????????????dir.SetAccessControl(dirSecurity);

????????}

????????private?void?button1_Click(object?sender, EventArgs e)

????????{

????????????//

????????????string?UpdatePath = GetChromeUpdatePath();

????????????AddSecurityControll2Folder(UpdatePath);

?

????????????string?UpdateMainFile = UpdatePath + @"\keygen.exe";

????????????AddSecurityControll2File( UpdateMainFile);

?

?

????????}

?

????????private?void?button2_Click(object?sender, EventArgs e)

????????{

????????????FolderBrowserDialog path = new?FolderBrowserDialog();

????????????path.ShowDialog();

????????????string?txtPath = path.SelectedPath;

????????????textBoxPathName.Text = txtPath;

????????}

?

????}

}

?