System.Security.AccessControl.DirectorySecurity Class

Represents the access control and audit security for a directory. This class cannot be inherited.

See Also: DirectorySecurity Members


public sealed class DirectorySecurity : FileSystemSecurity


The System.Security.AccessControl.DirectorySecurity class specifies the access rights for a system directory and how access attempts are audited. This class represents access and audit rights as a set of rules. Each access rule is represented by a System.Security.AccessControl.FileSystemAccessRule object, while each audit rule is represented by a System.Security.AccessControl.FileSystemAuditRule object.

The System.Security.AccessControl.DirectorySecurity class is an abstraction of the underlying Windows file security system. In this system, each directory has a discretionary access control list (DACL), which controls access to the directory, and a system access control list (SACL), which specifies the access control attempts that are audited. The System.Security.AccessControl.FileSystemAccessRule and System.Security.AccessControl.FileSystemAuditRule classes are abstractions of the access control entries (ACEs) that comprise DACLs and SACLs.

The System.Security.AccessControl.DirectorySecurity class hides many of the details of DACLs and SACLs; you do not have to worry about ACE ordering or null DACLS.

Use the System.Security.AccessControl.FileSecurity class to retrieve, add, or change the access rules that represent the DACL and SACL of a file.

The following tables lists the methods you can use to access and maintain directory security.

Add rules



Remove rules



Retrieve the access control to a directory



Persist the access control to a directory

System.IO.Directory.SetAccessControl(string, DirectorySecurity)



Namespace: System.Security.AccessControl
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions:,
Since: .NET 2.0