Windows 中是否存在非提升用户具有写入权限的共享文件夹?

发布于 2024-10-08 08:04:13 字数 420 浏览 9 评论 0原文

我知道 commonappdata(所有用户)可以保存系统范围的应用程序设置,但在 Vista/7 下,非提升用户无法写入该目录。

是否有一个在用户之间共享且任何非管理员用户都可以写入的文件夹?

这就是我需要这个的原因: 我的应用程序由具有提升权限的 Inno Setup 安装程序安装在 PF 目录中。然后,当实际的非管理员用户运行该程序时,它会使用另一个非提升的 Inno Setup 安装程序将其设置复制到用户的 AppData 目录。卸载程序后(由具有管理员权限的系统范围安装程序启动),我想从每个用户的 AppData 目录中卸载程序的文件。

我可以想到两种解决方案: 1. 获取 Windows 用户列表并遍历他们的 AppData 目录(看起来太复杂了) 2. 将卸载程序的路径存储在上述公共用户数据目录中。

有什么想法吗?

谢谢!

I know that commonappdata (All Users) can hold system-wide application settings, but under Vista/7 non-elevated users can't write to that directory.

Is there a folder which is shared among users and any non-admin user can write to it?

Here is why I need this:
My app is installed in PF directory by an Inno Setup installer with elevated rights. Then when the actual non-admin user runs the program, it copies its settings to the user's AppData directory using another non-elevated Inno Setup installer. Upon deinstalling the program (initiated by the system-wide installer with admin rights) I want to uninstall the program's files from each users' AppData directory.

I can think of two solutions:
1. Getting a list of Windows users and iterating through their AppData dirs (seems way too complicated)
2. Storing the paths to the uninstallers in the above mentioned common user data directory.

Any ideas?

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

笨笨の傻瓜 2024-10-15 08:04:13

Windows XP 中的“共享文档”目录

C:\Documents and Settings\All Users\Documents

或者

%ALLUSERSPROFILE%\Documents

Vista/7 中的相应目录

C:\Users\Public

或者,

%PUBLIC%\Documents

但您真正要查找的是 FOLDERID_PublicDocuments 的 KNOWNFOLDERID 值(旧版 CSIDL_COMMON_DOCUMENTS)。 SHGetFolderPath 函数可以获取路径。

或者更简单的 VBScript 替代方案,但我不确定这在操作系统版本中的可靠性如何:

Const CSIDL_COMMON_DOCUMENTS = &h2e 
Set oShell = CreateObject("Shell.Application")
Wscript.Echo oShell.Namespace(CSIDL_COMMON_DOCUMENTS).Self.Path

我认为 NameSpace 不接受特定的 常量。因此,您也许可以采用 COMMONAPPDATA = &H23 然后使用其父级。但这不是很干净或国际化:

Wscript.Echo oShell.NameSpace(&h23).ParentFolder.Self.Path & "\Documents"

但是由于您使用的是 Inno Setup,因此您应该真正使用 {commondocs} Shell 文件夹常量 并让自己变得轻松。

"Shared Documents" Directory in Windows XP

C:\Documents and Settings\All Users\Documents

Or,

%ALLUSERSPROFILE%\Documents

Corresponding directory in Vista/7

C:\Users\Public

Or,

%PUBLIC%\Documents

But what you are really looking for, is the KNOWNFOLDERID value of FOLDERID_PublicDocuments (legacy CSIDL_COMMON_DOCUMENTS). The SHGetFolderPath function can then get you the path.

Or an easier VBScript alternative, but I'm not sure how reliable this is across OS versions:

Const CSIDL_COMMON_DOCUMENTS = &h2e 
Set oShell = CreateObject("Shell.Application")
Wscript.Echo oShell.Namespace(CSIDL_COMMON_DOCUMENTS).Self.Path

I think NameSpace doesn't accept that particular constant. So you might be able to take COMMONAPPDATA = &H23 and then use its parent. But that's not very clean or internationalized:

Wscript.Echo oShell.NameSpace(&h23).ParentFolder.Self.Path & "\Documents"

But since you are using Inno Setup, you should really be using the {commondocs} Shell Folder Constant and make it easy for yourself.

Smile简单爱 2024-10-15 08:04:13

用户拥有文档文件夹。如果您将某些内容放在那里,由于对用户的可见性,预计文件会被其他程序复制、移动、删除或编辑。

我建议您在安装程序中的通用应用程序数据(CSIDL_COMMON_APPDATA 或 FOLDERID_ProgramData)下创建一个文件夹,并使用允许每个人访问的安全描述符。

例如

[Dirs]
Name: "{commonappdata}\productname";Permissions:everyone-modify;

The user owns the document folder. Expect files to be copied, moved, deleted or edited with another program if you put something there, because of the visibility to the user.

I suggest you to create a folder under the common application data (CSIDL_COMMON_APPDATA or FOLDERID_ProgramData) in your installer with a security descriptor that allows everyone access.

E.g.

[Dirs]
Name: "{commonappdata}\productname";Permissions:everyone-modify;
李白 2024-10-15 08:04:13

C:\Users\Public\ 下的内容是否符合您的需求?

Would stuff under C:\Users\Public\ qualify for what you need?

风柔一江水 2024-10-15 08:04:13

解决方案 1 对我来说看起来很合理。因此,每个用户都只能控制他们的安装,而您可以控制中央共享安装。

对于解决方案 2,您可以在明确定义的位置创建一个允许写入的文件夹,以便您的安装程序了解它,或者使用注册表项来实现相同目的。但请记住,这可能会产生安全漏洞,因为任何人都可能篡改其他用户的卸载路径。

Solution 1 looks quite reasonable to me. So every user control their and only their installation, and you control the central shared installation.

For solution 2 you can create a write-allowed folder in a well-defined location so that your installer knows about it, or use a registry key for the same purpose. But keep in mind that this may create a security hole because anyone could tamper with uninstall paths of other users.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文