Performance counter permissions

Am I doing this wrong? I would expect the code below to either allow me to create the performance counter category, or to throw a SecurityException when I Demand the permission to Administer performance counters. When I run it as an underpriveleged user, it does neither.

using System;
using System.Diagnostics;

namespace TestDemand
{
    class Program
    {
        private string _categoryName = "Bogus Category";
        private string _machineName = ".";

        static void Main(string[] args)
        {
            Program p = new Program();
            if (0 < args.Length &&
                "-d" == args[0].Substring(0, 2).ToLower())
            {
                p.DeleteCategory();
            }
            else
            {
                p.CreateCategory();
            }
        }

        private void CreateCategory()
        {
            try
            {
                if (!Demand(PerformanceCounterPermissionAccess.Read))
                {
                    Console.WriteLine("Failure: Could not get permission to read Performance Counter Categories");
                    return;
                }

                if (PerformanceCounterCategory.Exists(this._categoryName, this._machineName))
                {
                    Console.WriteLine("Failure: Category \"{0}\" already exists.", this._categoryName);
                    return;
                }

                if (Demand(PerformanceCounterPermissionAccess.Administer))
                {
                    Console.WriteLine("Got permission to Administer Performance Counter Categories");
                }
                else
                {
                    Console.WriteLine("Success: Could not get permission to Administer Performance Counter Categories");
                    return;
                }

                CounterCreationDataCollection counters = new CounterCreationDataCollection();
                counters.Add(new CounterCreationData("Some counter", "Counter help text",
                                                                           PerformanceCounterType.NumberOfItems32));
                PerformanceCounterCategory.Create(this._categoryName, "Category help string",
                    PerformanceCounterCategoryType.SingleInstance, counters);
            }
            catch (Exception e)
            {
                Console.WriteLine("Failure: {0}", e.Message);
                Console.WriteLine(e.StackTrace);
                return;
            }
            if (PerformanceCounterCategory.Exists(this._categoryName))
            {
                Console.WriteLine("Success: Category successfully created");
            }
            else
            {
                Console.WriteLine("Failure: No error but category was not created");
            }
        }
        private void DeleteCategory()
        {
            if (!Demand(PerformanceCounterPermissionAccess.Administer))
            {
                Console.WriteLine("Failure: Could not get permission to Administer Performance Counter Categories");
            }
            PerformanceCounterCategory.Delete(this._categoryName);
            if (PerformanceCounterCategory.Exists(this._categoryName))
            {
                Console.WriteLine("Failure: Category was not deleted");
            }
            else
            {
                Console.WriteLine("Success: Category successfully deleted");
            }
        }

        private bool Demand(PerformanceCounterPermissionAccess access)
        {
            bool result = true;
            try
            {
                PerformanceCounterPermission permission = new PerformanceCounterPermission();
                permission.PermissionEntries.Add(new PerformanceCounterPermissionEntry(
                    access, _machineName, _categoryName));
                permission.Demand();
            }
            catch (System.Security.SecurityException)
            {
                result = false;
            }
            return result;
        }
    }
}
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: