C# Application can't read/write to files created by administrator when run in limited user account XP
Asked Answered
M

2

5

I have an application that is useable by all users (admin or limited) in .NET (C# specifically).

When the application first launches - it creates a few files that it needs in the C:\Documents and Settings\All Users\Documents\ for all subsequent launches.

If the limited user in XP is the FIRST user to launch the application it creates the files fine and both the limited user and administrators can run fine.

However if the Administrator (or I am guessing a different limited user) is the first to launch the application then the limited user is NOT able to run the application.

The two files that it is NOT able to read/write to if created by an Administrator is a Log4Net log file and a SQLite db file.

The SQLite database file is being created with a straitforward .NET File.Copy(sourcepath, destinationpath). The sourcepath is a seed database file installed with the application - so on first run it copies that from the C:\Program Files\app install\seed.db

Is there a way to set the permissions on the file when I copy it? File.SetAccessControl() perhaps? I am not clear on how that works.

The other issue is that the log4Net rolling file appender will not roll the old file and create a new as the old file was created by the admin user when they ran the app.

Any ideas? Ironically this all works perfectly fine in Vista with limited/admin accounts - this is ONLY happening in XP with admin/limited accounts.

Murmur answered 11/2, 2009 at 0:4 Comment(1)
Why is it sharing files between multiple users on the same PC? this is almost never a good decision. Why not just put the files in each individual user's appdata folder as needed?Volute
G
2

Yeah, it's the SetAccessControl method all right, there is a good example here (the post from satankidneypie)

Good luck

Gutow answered 11/2, 2009 at 0:31 Comment(1)
Thank you - that link is exactly what I needed (especially with the ability to get the 'Everyone" user in a cultural-independent way)Murmur
B
6

I think SetAccessControl is the way to go. Maybe something like this:

// get the existing access controls
FileSecurity fs = File.GetAccessControl(yourFilename);

// add the new rule to the existing settings
fs.AddAccessRule(new FileSystemAccessRule(
    @"DOMAIN\Users",  // or "BUILTIN\Users", "COMPUTER\AccountName" etc
    FileSystemRights.Modify,
    AccessControlType.Allow));

// set the updated access controls
File.SetAccessControl(yourFilename, fs);

Note: It's important that you get the existing access control list from the file and then add your new rule to that. If you just create a new access control list from scratch then it will overwrite the existing permissions completely.

Bowhead answered 11/2, 2009 at 0:34 Comment(0)
G
2

Yeah, it's the SetAccessControl method all right, there is a good example here (the post from satankidneypie)

Good luck

Gutow answered 11/2, 2009 at 0:31 Comment(1)
Thank you - that link is exactly what I needed (especially with the ability to get the 'Everyone" user in a cultural-independent way)Murmur

© 2022 - 2024 — McMap. All rights reserved.