
Help: user restricted from writing to C: drive

Posted: Tue Jan 16, 2007 8:35 pm
by Straker
Here is my issue: I have several customers who have locked their employees from having any write access to their local C: drives (probably via a Network Policy file). The reason they do this is varied, but mostly to prevent virus spreading and end-user installation of unauthorized applications.

Here is my problem: My application needs to write to the local C: drive for both INI file settings, but more importantly cache files.

Here is my question: How can someone allow the local user to write to just one directory, i.e. C:\MyApp and all of its sub-folders? And can this be set in a network-based policy file?

I don't know if they have write access to the TEMP folder or not, or is this always open anyway?

Thanks in advance for any advice.

Re: Help: user restricted from writing to C: drive

Posted: Tue Jan 16, 2007 8:49 pm
by NoahPhense
In my corporate environment, I have a few apps that need this type
of access. We just add the permission EVERYONE to the folder and
all children of that folder. Then, everyone who logs in locally will be
able to use this application without worrying about the network policy.

I know it's kind of a rough solution. Because in order to add these
file permissions to the local structures, you yourself must have the
network ability (permission) to do so. Even when I log in as admin
to these workstations, I still can't change file permissions unless
the "network policy" finds my credentials.

- np

Re: Help: user restricted from writing to C: drive

Posted: Tue Jan 16, 2007 8:54 pm
by PB
Why not just write to their "My Documents" folder? That always has write
access per user, so it shouldn't cause any problems for you.

Posted: Tue Jan 16, 2007 9:03 pm
by dracflamloc
I prefer the user's Local Settings folder.

Posted: Tue Jan 16, 2007 9:10 pm
by Straker
Thanks for the help guys. Since my app needs to update on a regular basis, the best solution is the one put forth by NoahPhense. But the other solutions may come in handy if the client does not want to allow that.

Thanks again for the fast response.

Posted: Wed Jan 17, 2007 6:20 pm
by Rescator
Search Google for Least Privileged User

Posted: Sat Jan 20, 2007 9:39 am
by Mike Stefanik
Folks using Vista will have a similar issue in that you can't assume that you can write into the same directory where your executable is installed. Generally speaking, the best place to store data is where Windows tells you to: the common and user appdata folders (for configuration and data files), or the personal folder (for documents). Outside of that, you rolls your dices and takes your chances, depending on how the administrator has the system configured.
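
Added example, not part of any post in this thread: a sketch of the approach the replies recommend, where the application picks a per-user folder for its INI and cache files and confirms it can really write there, without touching the install directory. It assumes the standard Windows environment variables `APPDATA`, `LOCALAPPDATA`, `TEMP` and `TMP`; the names `APP_NAME`, `CANDIDATES`, `is_writable` and `pick_data_dir` are hypothetical.

```python
import os
import tempfile
from pathlib import Path

APP_NAME = "MyApp"  # assumption: folder name borrowed from the thread's C:\MyApp

# Candidate environment variables per kind of data, most preferred first.
# Assumption: the folders are read from the environment to keep the sketch
# portable; a native Windows program would ask the shell for them instead.
CANDIDATES = {
    "config": ("APPDATA", "LOCALAPPDATA"),
    "cache": ("LOCALAPPDATA", "TEMP", "TMP"),
}


def is_writable(directory):
    """Probe by creating a real file: ACLs and policy decide, not attribute bits."""
    try:
        directory.mkdir(parents=True, exist_ok=True)
        with tempfile.TemporaryFile(dir=directory):
            return True
    except OSError:
        return False


def pick_data_dir(kind, env=os.environ):
    """Return the first writable per-user folder for 'config' or 'cache', else None.

    The install directory is deliberately never a candidate.
    """
    for var in CANDIDATES[kind]:
        base = env.get(var)
        if not base:
            continue  # variable not set on this system
        target = Path(base) / APP_NAME
        if is_writable(target):
            return target
    return None


if __name__ == "__main__":
    for kind in CANDIDATES:
        print(kind, "->", pick_data_dir(kind))
```

Because every candidate sits inside the user's own profile or temp area, no permission change on C:\ is needed and the lockdown policy stays intact.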