What directories can an application run by non-elevated user write to Win7?
I have a problem with my application reading and writing to any other than the User directory (C:\\Users\\MyName\\AppData\\MyCompany\\MyAppName - in Win7). What other directories are open to the non-elevated user? I have googled this issue and have come up with volumes of blah, blah, stuff but no clear cut answer. I do not wish to programatically alter the security of any file or folder nor in any way change the target machine OS or file system. I have tried C:\\Users\\..\\AppData\\Local\\.. , C:\\Users\\..\\AppData\\LocalLow\\.., C:\\Users\\AppData\\.. , but none allow non-elevated user to write to these dirs. With elevated users I can write to C:\\Windows\\system32\\.. and lots of other dirs, but that doesnt help me.
Your help greatly appreciated. Thanks.
Re: What directories can an application run by non-elevated user write to Win7?
Usually there are CSIDL_APPDATA and CSIDL_COMMON_APPDATA directories returned by SHGetFolderPath function
Re: What directories can an application run by non-elevated user write to Win7?
Quote:
Originally Posted by
Mike Pliam
I have a problem with my application reading and writing to any other than the User directory
Instead of asking which directory you can write to, you should state the kind of data you want to write, such that we can help you find the right directory to write to.
1 Attachment(s)
Re: What directories can an application run by non-elevated user write to Win7?
Quote:
Originally Posted by
Mike Pliam
Your help greatly appreciated. Thanks.
When I face a problem like this I just write a small test. This is the results:
Code:
x64\95.exe
%APPDATA% C:\Users\Igor\AppData\Roaming
* exists = 1, creatable = 1, writable = 1
%HOME% C:\Users\Igor
* exists = 1, creatable = 1, writable = 1
%USERPROFILE% C:\Users\Igor
* exists = 1, creatable = 1, writable = 1
%PUBLIC% C:\Users\Public
* exists = 1, creatable = 1, writable = 1
%ProgramFiles% C:\Program Files
* exists = 1, creatable = 0, writable = 0
%ProgramFiles(x86)% C:\Program Files (x86)
* exists = 1, creatable = 0, writable = 0
%CommonProgramFiles% C:\Program Files\Common Files
* exists = 1, creatable = 0, writable = 0
%CommonProgramFiles(x86)% C:\Program Files (x86)\Common Files
* exists = 1, creatable = 0, writable = 0
%SystemRoot% C:\Windows
* exists = 1, creatable = 0, writable = 0
%ProgramData% C:\ProgramData
* exists = 1, creatable = 1, writable = 1
%TEMP% C:\Users\Igor\AppData\Local\Temp
* exists = 1, creatable = 1, writable = 1
x64\95.exe clean
%APPDATA% C:\Users\Igor\AppData\Roaming
%HOME% C:\Users\Igor
%USERPROFILE% C:\Users\Igor
%PUBLIC% C:\Users\Public
%ProgramFiles% C:\Program Files
%ProgramFiles(x86)% C:\Program Files (x86)
%CommonProgramFiles% C:\Program Files\Common Files
%CommonProgramFiles(x86)% C:\Program Files (x86)\Common Files
%SystemRoot% C:\Windows
%ProgramData% C:\ProgramData
%TEMP% C:\Users\Igor\AppData\Local\Temp
x86\95.exe
%APPDATA% C:\Users\Igor\AppData\Roaming
* exists = 1, creatable = 1, writable = 1
%HOME% C:\Users\Igor
* exists = 1, creatable = 1, writable = 1
%USERPROFILE% C:\Users\Igor
* exists = 1, creatable = 1, writable = 1
%PUBLIC% C:\Users\Public
* exists = 1, creatable = 1, writable = 1
%ProgramFiles% C:\Program Files (x86)
* exists = 1, creatable = 1, writable = 0
%ProgramFiles(x86)% C:\Program Files (x86)
* exists = 1, creatable = 1, writable = 0
%CommonProgramFiles% C:\Program Files (x86)\Common Files
* exists = 1, creatable = 1, writable = 0
%CommonProgramFiles(x86)% C:\Program Files (x86)\Common Files
* exists = 1, creatable = 1, writable = 0
%SystemRoot% C:\Windows
* exists = 1, creatable = 1, writable = 0
%ProgramData% C:\ProgramData
* exists = 1, creatable = 1, writable = 1
%TEMP% C:\Users\Igor\AppData\Local\Temp
* exists = 1, creatable = 1, writable = 1
x86\95.exe clean
%APPDATA% C:\Users\Igor\AppData\Roaming
%HOME% C:\Users\Igor
%USERPROFILE% C:\Users\Igor
%PUBLIC% C:\Users\Public
%ProgramFiles% C:\Program Files (x86)
%ProgramFiles(x86)% C:\Program Files (x86)
%CommonProgramFiles% C:\Program Files (x86)\Common Files
%CommonProgramFiles(x86)% C:\Program Files (x86)\Common Files
%SystemRoot% C:\Windows
%ProgramData% C:\ProgramData
%TEMP% C:\Users\Igor\AppData\Local\Temp
Re: What directories can an application run by non-elevated user write to Win7?
Thankyou.
Igor,
On my Win7 machine, as a non-elevated user, the following directories appear to be read/write accessible by your program.
C:\ProgramData
C:\Users\MPLIAM\AppData\Local\Temp
C:\Users\MPLIAM\AppData\Roaming
C:\Users\MPLIAM
C:\Users\Public
However, the C:\ProgramData turns out not to be writable whereas all the others listed work as expected. I do not understand this. Nevertheless, your program and your suggestion is extremely helpful.
Re: What directories can an application run by non-elevated user write to Win7?
Yes, I found that myself. And my conclusion is that something wrong with the SHCreateDirectory call, as it does not create the target path but reports success. Or there's something I still don't know about this particular issue with %ProgramData%. :)
Re: What directories can an application run by non-elevated user write to Win7?
An update: I just created a new dummy user in W7, and the test easily creates the path in %ProgramData% for him. I leave it for your consideration. :)
Re: What directories can an application run by non-elevated user write to Win7?
the ProgramData folder might be virtualised, so creating a file "there" might actually be creating it elsewhere and the OS merely displaying them as a unity.
ProgramData might be used differently for a roaming profile.
As said before... don't look for specific folder names. they may not work. or may be differnet on a different version of windows or on a different language of windows.
use the CSLID's or the environment settings to query the actual paths.
Use the right folder for the right kind of data by default, if they user insists on writing elsewhere, that's their problem to make sure they have access.
if you''re saving a document, then the documents folder is the right default location.
if you're saving program settings, look for the registry as an initial location.
if you need to store large volumes of data. then ProgramData is the way to go.
etc. use the right location rather than looking for a location and then just dumping "anything" in there.
Re: What directories can an application run by non-elevated user write to Win7?
Once again, the problem lies with my inept programming. ProgramData is actually accessible - I had just misstyped the path by leaving out a single backslash. Sorry for the confusion. Thanks for your input.
Re: What directories can an application run by non-elevated user write to Win7?
yes, but don't hardcode "c:\programdata" into your code.
use SHGetKnownFolderPath() to query these.
if you need to support windows before Vista. use SHGetFolderPath() instead