Hi,

If I get the ACL of a desktop folder, I do not get the 'right' security
settings. For example the right Read is true when I check using the security
properties
in the windows explorer.

The strange thing is that in comparison with a normal folder (say c:\temp)
in the code below bReadAllowed is reached twice. The first thime
bReadAllowed
is set to true (correct), the second time bReadAllowed becomes false ?

For a normal folder (say "c:\temp") function GetAccessRules returns 5 values
but for a desktop folder GetAccessRules returns 6 values ? What extra value
could I test this extra right on a desktop folder ?

(Directory is the folder on the desktop)

DirectoryInfo^ dir = DirInfo->Directory;
DirectorySecurity^ dirSecurity = DirInfo->GetAccessControl();
AuthorizationRuleCollection^ acl = nullptr;
acl = dirSecurity->GetAccessRules( true, true, SecurityIdentifier::typeid );


for (int i = 0; i < acl->Count; i++)
{
FileSystemAccessRule^ rule =
dynamic_cast<FileSystemAccessRule^>(acl[i] );
if ( AccessControlType::Allow.Equals( rule->AccessControlType ) )
{
bool bReadAllowed = ( ( (int)rule->FileSystemRights &
(int)FileSystemRights::Read ) == (int)FileSystemRights::Read );
// bReadAllowd becomes FALSE, while this is TRUE when checking
the security in the explorer
}
}


Does anyone know what I am doing wrong here ?

Thanks in advance, martin.

[quoted text, click to view]
<cut>

NT, XP and above have multiple desktop folders per user. You are