A Windows Vista forum. Vista Banter

Welcome to Vista Banter.

You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to ask questions and reply to others posts, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact support.

Go Back   Home » Vista Banter forum » Microsoft Windows Vista » Security and Windows Vista
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security)

File ownership for legacy installer programs



 
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old September 5th 06, 09:06 PM posted to microsoft.public.windows.vista.security
Roof Fiddler
external usenet poster
 
Posts: 121
Default File ownership for legacy installer programs

If I run as an administrative user a legacy installer program for a program
which stores user settings and data in its own directory, then the files and
directories it creates are owned by and accessible to that user, and the
program runs correctly as that user. But if I run the installer as a regular
user, and then enter an admin user's password in the UAC dialog when the
program needs to elevate its privileges, will the files and directories
which it creates be owned by the regular user or the admin user? Will they
by default at least be set as writeable by the regular user?

I've read that Vista has a compatibility mode by which programs which try to
write data to their own program directories while running as ordinary users
will have that data transparently written instead to a union directory under
the user's own home directory so that the program will work properly on
Vista, but even when I enable compatibility mode in the program's settings,
I can't get Palm's desktop software to work under a user account. Even more
oddly, it won't work even if I run it with the "run as administrator" option
in a regular user account.
Are there any known problems with the union directory feature on Vista build
5536?

  #2 (permalink)  
Old September 6th 06, 01:07 AM posted to microsoft.public.windows.vista.security
Jimmy Brush
external usenet poster
 
Posts: 827
Default File ownership for legacy installer programs

Hello,

snip
But if I run the installer as a regular user, and then enter an admin
user's password in the UAC dialog when the program needs to elevate its
privileges, will the files and directories which it creates be owned by
the regular user or the admin user?


They will be owned by the administrators group.

Will they by default at least be set as writeable by the regular user?


No. They will only inherit the permissions marked as inheritable from the
parent folder. For most folders, this is Normal users read-only,
administrative users full control. The only folder normal users have write
access to is their user profile directory.

You will need to manually edit security to allow a user write-access to a
folder outside of their user profile directory.

I've read that Vista has a compatibility mode by which programs which try
to write data to their own program directories while running as ordinary
users will have that data transparently written instead to a union
directory under the user's own home directory so that the program will
work properly on Vista, but even when I enable compatibility mode in the
program's settings, I can't get Palm's desktop software to work under a
user account. Even more oddly, it won't work even if I run it with the
"run as administrator" option in a regular user account.
Are there any known problems with the union directory feature on Vista
build 5536?


The "Virtualization" compatability mode is enabled for 32-bit programs that
were not designed for Windows Vista and are not running as administrator.
This mode will silently redirect programs that save things to
HKEY_LOCAL_MACHINE and certain folder locations such as program files to the
user's profile directory.

Due to the way virtualization is designed, it can cause problems in certain
situations. For example, a program that relies on a certain file being
writable from different user accounts will behave unexpectedly, since each
user will have their own copy of that file and will not see changes made
from other user accounts.

Virtualization also causes problems if you are dual-booting and wanting to
share config files for certain applications between Vista and the other
operating system.

Based on what you described with Palm's desktop software, I do not believe
virtualization is the culprit, as running the program "as administrator"
disables virtualization, and this would have allowed the program to work.


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 09:44 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.Search Engine Optimization by vBSEO 3.0.0 RC6
Copyright ©2004-2024 Vista Banter.
The comments are property of their posters.