Page 1 of 1
Don’t Write User Files to ...
Posted: Sat Aug 21, 2004 4:21 pm
by sec
I am reading a book, and has some useful info so i put it here:
Don’t Write User Files to \Program Files
Writing to the \Program Files directory requires the user to be an administrator because the access control entry (ACE) for a user is Read, Execute, and List Folder Contents. Requiring administrator privileges defeats the principle of least privilege. If you must store data for the user, store it in the user’s profile: %USERPROFILE%\My Documents, where the user has full control. If you want to store data for all users on a computer, write the data to \Documents and Settings\ All Users\Application Data\dir.
Writing to \Program Files is one of the two main reasons why so many applications ported from Windows 95 to Windows NT and later require the user to be an administrator. The other reason is writing to the HKEY_LOCAL_MACHINE portion of the system registry, and that’s next.
------
Don’t Write User Data to HKLM
As with writing to \Program Files, writing to HKEY_LOCAL_MACHINE is also not recommended for user application information because the ACL on this registry hive allows users (actually, Everyone) read access. This is the second reason so many applications ported from Windows 95 to Windows NT and later require the user to be an administrator. If you must store data for the user in the registry, store it in HKEY_CURRENT_USER, where the user has full control.
Posted: Mon Aug 23, 2004 6:27 am
by Tranquil
Intresting to know! Thanks for sharing this knowledge.
Mike
Re: Don’t Write User Files to ...
Posted: Mon Aug 23, 2004 5:53 pm
by GPI
> If you must store data for the user, store it in the user’s profile: %USERPROFILE%\My Documents
ARGHHHHH!!!!!!!!!!!! DON'T DO THIS! I HATE THIS! (And don't write in the regestry)
And by the way: On my system no My Documents exist.
>\Documents and Settings\ All Users\Application Data\dir.
Same here
Don't not use fixed-System-Paths. Always ask the correct path with api-commands.
GPI
Posted: Mon Aug 23, 2004 6:55 pm
by thefool
erhm.. what about win 95/98/me?
Posted: Tue Aug 24, 2004 10:13 am
by LarsG
- Don't write to the registry.
- All configuration stuff should be in the program directory (ie. where the user has installed your program)
- All the data should either be put in the program directory (perhaps in a subfolder), OR to a directory which the user has specified.
This way I know where everything is placed, and in addition, I can move the app to another HDD if I want to , and it would still work.
My 2 cents.
Posted: Tue Aug 24, 2004 7:12 pm
by filperj
This way I know where everything is placed, and in addition, I can move the app to another HDD if I want to , and it would still work.
I all agree ^^
And an app wich is registry dependant won't work correctly after a system reinstallation.
Posted: Tue Aug 24, 2004 7:37 pm
by Num3
Well, don't also forget to write stuff to NIL:
It's a very bad idea !
Re: Don’t Write User Files to ...
Posted: Thu Sep 09, 2004 3:48 am
by texxsound
GPI wrote:> If you must store data for the user, store it in the user’s profile: %USERPROFILE%\My Documents
ARGHHHHH!!!!!!!!!!!! DON'T DO THIS! I HATE THIS! (And don't write in the regestry)
And by the way: On my system no My Documents exist.
>\Documents and Settings\ All Users\Application Data\dir.
Same here
Don't not use fixed-System-Paths. Always ask the correct path with api-commands.
GPI
Yep, hate it too! Really! I hate it so much that i wrote a simple .BAT that deletes every "My Videos" "My Music" "My Whatever" folder during booting.
When will they ever learn...
Re: Don’t Write User Files to ...
Posted: Thu Sep 09, 2004 11:22 pm
by Doobrey
Years ago, I did a similar batch file to clean up winblows on startup.
When I tried it, it seemed to take forever to finish..then I noticed my C:\windows\ dir was now empty
