Windows XP folder permissions
I need to distribute database with my app, which should run on all win OS (9x, 2000, nt, xp). I read out that the best place for DB is in "All Users\Application data" directory. There I created subfolder APP in which I put my DB.
Everything is OK until USER logs in win XP (service pack 2). He does not have write permission to my folder. I found out that I can change permissions by modify LockPermission table in MSI.
I tried it and it works just fine. But I do not known constats to use in "Permission" column to set MODIFY permission for user.
There are 4 permission constants in MSDN:
general_read
general_write
general_execute
general_all
(+ in winnt.h are some more constants)
which are useless fo me.
Most appropriate constat is general_all but this one entitle user to change permission for other user.
I read lot of articles and formus, but there is no mention of MODIFY permission. I also created utility that read permissions from folder using API functions but the returned numbers doesn't seems to be suitable for lockpermission table.
So my question is: How can I get value for "Permission" column to set wanted permissions.
Secondary problem with LockPermission table is that MSI does not alter permissions for folder, but remove ALL permissions from this folder and after that set new permissions using LockPermission table. So I just need to grant write permission to user but I must set perms for administrators, power users etc.. Is there any way to JUST ALTER permission for folder (without using scripts)?
thanx a lot...
Everything is OK until USER logs in win XP (service pack 2). He does not have write permission to my folder. I found out that I can change permissions by modify LockPermission table in MSI.
I tried it and it works just fine. But I do not known constats to use in "Permission" column to set MODIFY permission for user.
There are 4 permission constants in MSDN:
general_read
general_write
general_execute
general_all
(+ in winnt.h are some more constants)
which are useless fo me.
Most appropriate constat is general_all but this one entitle user to change permission for other user.
I read lot of articles and formus, but there is no mention of MODIFY permission. I also created utility that read permissions from folder using API functions but the returned numbers doesn't seems to be suitable for lockpermission table.
So my question is: How can I get value for "Permission" column to set wanted permissions.
Secondary problem with LockPermission table is that MSI does not alter permissions for folder, but remove ALL permissions from this folder and after that set new permissions using LockPermission table. So I just need to grant write permission to user but I must set perms for administrators, power users etc.. Is there any way to JUST ALTER permission for folder (without using scripts)?
thanx a lot...
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
brenthunter2005
19 years ago
If I was you, I would start thinking of placing the DB in the C:\Program Files\ApplicationName\DB\ folder....
Posted by:
curio124
19 years ago
thanx for quick response, but this doesn't solve my problem.
Each folder wich admin creates have only read/exec/list perm for users.
(maybe I should mentioned that our installation need admin privileges and is for ALLUSERS)
Each folder wich admin creates have only read/exec/list perm for users.
(maybe I should mentioned that our installation need admin privileges and is for ALLUSERS)
Posted by:
brenthunter2005
19 years ago
OK,
To give users MODIFY rights over a FOLDER, the neccessary variable to enter into the Permission column in the LockPermissions table is '-536673793'.
As you say before, this will overwrite the current permissions on that folder. I usually add the local Administrators group and SYSTEM (with full rights) as well.
I hope this helps.
To give users MODIFY rights over a FOLDER, the neccessary variable to enter into the Permission column in the LockPermissions table is '-536673793'.
As you say before, this will overwrite the current permissions on that folder. I usually add the local Administrators group and SYSTEM (with full rights) as well.
I hope this helps.
Posted by:
WiseUser
19 years ago
I'm sorry to question the information you've been given, but I'm not sure it's entirely accurate. The location of your database should depend on a number of factors - whether the database should be shared, whether it should roam with the user, the (potential) size of the database, disaster recovery and security issues.
Should all users of the PC share the same copy of the database?
If not, it would be better to store the database in the "LocalAppDataFolder" (no roaming) folder or "AppDataFolder" (roaming required). You are currently using the "CommonAppDataFolder" folder which means that the database will be shared by all users of the PC and won't roam - this may also be giving you a "permissions" problem that you needn't have.
If the database should be shared by all machine users, then why shouldn't it be shared by all application users (network wide), in which case it should be stored on a network share.
Will the user store company data in the database? If so, how will you back it up if it's local?
Might any of the information stored in the database be confidential? This might influence where you wish to store the database.
Should all users of the PC share the same copy of the database?
If not, it would be better to store the database in the "LocalAppDataFolder" (no roaming) folder or "AppDataFolder" (roaming required). You are currently using the "CommonAppDataFolder" folder which means that the database will be shared by all users of the PC and won't roam - this may also be giving you a "permissions" problem that you needn't have.
If the database should be shared by all machine users, then why shouldn't it be shared by all application users (network wide), in which case it should be stored on a network share.
Will the user store company data in the database? If so, how will you back it up if it's local?
Might any of the information stored in the database be confidential? This might influence where you wish to store the database.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.