Is there one place (local xml file, registry, etc.) that all user can read
and write to??
I have some settings that applicable to all users, but when a restricted
rights user start my application, these global settings cannot be updated,
since it seems they cannot write to an xml or ini settings file in the
folder where the executing assembly runs from or to the HK_LOCAL_MACHINE
part of the registry.
If it comes to writing to, say an xml or ini file located in each user's
\Name\Local Settings\Application Data folder, then I would also need the
ability to search each of these files in each folder to check the supposed
global settings I am trying to maintain.
I'm sure there must be a way around this conundrum, but I'll be darned if I
can figure it out thus far.
Any comments or suggestions would be greatly appreciated,
Dennis
5  2046 
"Dennis C. Drumm" <dc******@community.nospam> wrote in
news:eM**************@TK2MSFTNGP09.phx.gbl: Is there one place (local xml file, registry, etc.) that all user can
read and write to??
Temp directory is always writabel, but of course not a good place for such.
If it comes to writing to, say an xml or ini file located in each
user's \Name\Local Settings\Application Data folder, then I would also
need the ability to search each of these files in each folder to check
the supposed global settings I am trying to maintain.
Look in the Applicatino opbject, there are pointers to the local and roaming directories along with
descriptions.
--
Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
"Programming is an art form that fights back"
Get your ASP.NET in gear with IntraWeb! http://www.atozed.com/IntraWeb/
Well, I now see that if I can figure out how to change the permissions for
the xml configuration file to Full Control for the local Users group, then
all will work just fine. I know I will need to change the permission when
the program is installed and started the first time by the local
administrator. So that is what I am researching now.
If someone can steer me in the right direction, that would be great.
Thanks,
Dennis
"Dennis C. Drumm" <dc******@community.nospam> wrote in message
news:eM**************@TK2MSFTNGP09.phx.gbl... Is there one place (local xml file, registry, etc.) that all user can read
and write to??
I have some settings that applicable to all users, but when a restricted
rights user start my application, these global settings cannot be updated,
since it seems they cannot write to an xml or ini settings file in the
folder where the executing assembly runs from or to the HK_LOCAL_MACHINE
part of the registry.
If it comes to writing to, say an xml or ini file located in each user's
\Name\Local Settings\Application Data folder, then I would also need the
ability to search each of these files in each folder to check the supposed
global settings I am trying to maintain.
I'm sure there must be a way around this conundrum, but I'll be darned if
I can figure it out thus far.
Any comments or suggestions would be greatly appreciated,
Dennis
Hi Dennis,
I also think using the NTFS's access control list to protect your
application's global configuration files is the proper approach. And as for
how to manipulate the NTFS permissions for file system, we can use the
buildin interfaces in the windows installer( can use in our install
project) or using script to manipulate the NTFS permissions. Here are some
certain reference on the related infos:
#How To Set Permissions Using the LockPermissions Table http://support.microsoft.com/?id=288975
#How to use Xcacls.vbs to modify NTFS permissions http://support.microsoft.com/?id=825751
Hope helps. Thanks,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Steven:
The problem with manipulating NTFS permissions at the time of installation
is that the application cannot thereafter recover from a corrupted or
deleted xml config file on its own.
I am afraid some wise guy will decide its fun to try and change app settings
by directly editing the xml file at some point. As it stands right now, I
have xml validation checks each time the file is opened and if it is found
missing, it will be re-created with default values.
So, I would like the program to be able to write and modify the file,
regardless of what permissions the user has.
Thanks,
Dennis
"Steven Cheng[MSFT]" <v-******@online.microsoft.com> wrote in message
news:iq*************@TK2MSFTNGXA01.phx.gbl... Hi Dennis,
I also think using the NTFS's access control list to protect your
application's global configuration files is the proper approach. And as
for
how to manipulate the NTFS permissions for file system, we can use the
buildin interfaces in the windows installer( can use in our install
project) or using script to manipulate the NTFS permissions. Here are some
certain reference on the related infos:
#How To Set Permissions Using the LockPermissions Table
http://support.microsoft.com/?id=288975
#How to use Xcacls.vbs to modify NTFS permissions
http://support.microsoft.com/?id=825751
Hope helps. Thanks,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Thanks for your response Dennis,
Yes, you're right. For normal desktop application, it'll runnin under the
logon user's account so that only the Administrators can use them to update
those proected configure files if we use NTFS permissions protection. (For
service application, we can configure it to running under a certain
account).
So if such NTFS restriction is not quite suitable to your app, I'm afraid
we could just let the configuration resource files available to all the
users, but provide additional SECRET and INTEGRITY protection. For
example, use symmetric or asymmetric algrithm to encrypt the file content
and use X509 certificat to digital sign the file(for prevent other ones
from modifying it).
Thanks,
Steven Cheng
Microsoft Online Support
Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: DFS |
last post by:
An application I wrote has been deployed on Citrix, and the Citrix admin
tells me all users run the same .mde file. There aren't a lot of concurrent
users, but even 2 could be cause for concern.
...
|
by: Mark |
last post by:
OK. Here we go. I have an ASP.NET application that does many hits to a SQL Server DB on a separate server. When I first created this application (2 years ago) and was very new to ASP/ASP.NET, to...
|
by: Schoo |
last post by:
I have some program constants that I need to set and I thought it would be
best to set them all up in a central location so that I can change them
quickly when we go from development to production....
|
by: WJ |
last post by:
I am attempting to use the Global.Asax to store my user's configuration.
Here is the concept:
1. User logs on into the site using Form Authentication.
2. I capture the user Credential, verify it...
|
by: NickP |
last post by:
Hi there,
I've been experiencing a strange issue for a short while now and have
managed to make a tiny replication of the bug.
The uploaded a VB.NET 2005 project which implements a single...
|
by: Sylvia A. |
last post by:
How can I define global classes in web application ?
Classes can be set to session variables ?
Thanks
|
by: tharika_c |
last post by:
Hi,
We have a simple ASP.NET web application where one of the Session
variables, called Session("SSO_ID") gets created and assigned a value
(equal to the HTTP_HRID request variable value),...
|
by: weaknessforcats |
last post by:
C++: The Case Against Global Variables
Summary
This article explores the negative ramifications of using global variables. The use of global variables is such a problem that C++ architects have...
|
by: Sid Price |
last post by:
HI,
I am not sure this is the correct place to raise this question, please
redirect me if not.
I have a VB.NET application with a deployment project. I need to create a
folder on the target...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
| |
