FOLDERID_PublicDocuments 和 FOLDERID_ProgramData 的权限混淆
在尝试回答有关程序可以由有限用户在任何版本的 Windows 上写入的文件夹的问题时,我建议使用 FOLDERID_ProgramData 和 FOLDERID_PublicDocuments。然而,似乎并不是每个人都可以访问该文件夹,尽管他们的目的(表面上)是允许向其中写入任何内容。为什么?
In trying to answer a question regarding a folder that a program can write to on any version of windows by limited users, i suggested FOLDERID_ProgramData and FOLDERID_PublicDocuments. However, it would seem that not everyone has access to this folder, despite their purpose (ostensibly) being to allow anything to write to them. Why?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我认为这个想法是文件所有者被授予对这些目录的完全权限,然后他可以设置谁有权访问该文件。
我现在就尝试一下...
...划掉那个。
普通用户的主要权限集似乎是通过网络和交互式内置安全组授予的。权限与用户的网络位置(本地登录或从网络登录)相关。这与向用户和/或域用户组授予权限的通常做法相反。
这也解释了为什么当我尝试测试某些用户的有效权限时,我什么也没得到。 (只有管理员具有明确定义的权限。)
I think the idea is that the file owner is given full permissions on those directories, and he can then set who has access to the file.
I'll just try it out now...
...scratch that.
It seems the main set of permissions for regular users is given via the NETWORK and INTERACTIVE built-in security groups. The permissions are tied to the network location of the user (logged in locally or from the network). This is in contrast to the usual practice of granting permissions to the Users and/or Domain Users group.
This also explains why when I tried testing the effective permissions for some user, I got nothing back. (Only the administrator had explicitly defined permissions.)