使用 JNA 设置 ProgramData 子文件夹的写入权限

发布于 2024-10-27 08:26:25 字数 538 浏览 3 评论 0原文

我有一个用 Java 编写的程序,它最初使用 Program Files 中的目录来写入该程序的所有用户都可以访问的文件。这要求我们的用户始终以管理员身份运行。为了缓解这个问题,我们决定使用 %ALLUSERSPROFILE% 环境变量将常规使用期间需要写入的文件移动到 ProgramData 文件夹。如果在安装过程中将其指定为可写,则在该目录中为我们的应用程序使用子文件夹会非常有效,这在使用 NSIS 时效果很好。

问题在于升级现有用户。 Java File API 提供了 setWritable,但在开发机器上测试后似乎不起作用。看起来 Java 7 的新文件 API 可以解决这个问题,但由于没有发布日期,我宁愿不等待。

看来最简单的解决方案是使用 JNA 调用适当的 Windows API 调用来设置此目录可写。由于升级软件需要管理员权限,与安装类似,因此应该让此更改顺利进行。但是,我不确定从哪里开始,因为之前从未使用过 JNA 或 Windows API。关于加载哪个 Windows 库以及调用哪些函数的建议将不胜感激,特别是如果有人以前遇到过类似的问题。

I have a program, written in Java, which originally used its directory in Program Files to write files accessible to all users of this program. This required our users to run as administrator all the time. In an effort to alleviate that, we decided to move files which needed to be written during regular usage to the ProgramData folder using the %ALLUSERSPROFILE% environment variable. Using a subfolder in this directory for our application works great if it is designated as writable during the installation process, which works fine using NSIS.

The problem comes with upgrading existing users. The Java File API provides setWritable but this does not appear to work after testing on development machines. It looks as though the new file API with Java 7 would solve this problem, but with no release date on the horizon I would rather not wait.

It seems the simplest solution would be to use JNA to call the appropriate Windows API call to set this directory writable. Since upgrading the software necessitates admin rights, similar to installing, it should let this change go through fine. However, I'm unsure where to start, having never used JNA before or the Windows API. Suggestions as to which Windows library to load and what functions to call would be appreciated, especially if someone has encountered a similar problem before.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

情域 2024-11-03 08:26:25

好吧,我很高兴您提供了一些背景信息...您可以使用 JNA,但更简单的方法是执行对命令行实用程序 cacls 的调用。我相信它默认包含在 Windows XP 安装中,所以它应该可以满足您的需要。尝试 Runtime.getRuntime().exec("C:\\Windows\\System32\\cacls.exe"+options)

查看此处的文档 -> http://technet.microsoft.com/en-us/library/bb490872.aspx

Well, I'm glad you gave some background...You could use JNA, but the easier way would be to execute a call to the command-line utility cacls. It's included by default in Windows XP installations, I believe, so it should do the trick for you. Try Runtime.getRuntime().exec("C:\\Windows\\System32\\cacls.exe"+options)

Check out the documentation here -> http://technet.microsoft.com/en-us/library/bb490872.aspx

久随 2024-11-03 08:26:25

我使用以下行:

Runtime.getRuntime().exec( "C:\\Windows\\System32\\icacls.exe \"%ProgramData%\my application" /grant *S-1-5-32-545:(OI)(CI)(W,M)" );

S-1-5-32-545 是 BUILTIN\Users 的 SID,因为该名称仅适用于英文系统。 https://support.microsoft.com/de-de/kb/163846

这使 BUILTIN\Users 能够对给定目录中的所有文件进行写访问,而与创建该目录的用户无关。

I use the follow line:

Runtime.getRuntime().exec( "C:\\Windows\\System32\\icacls.exe \"%ProgramData%\my application" /grant *S-1-5-32-545:(OI)(CI)(W,M)" );

S-1-5-32-545 is the SID for BUILTIN\Users because the name work only on English systems. https://support.microsoft.com/de-de/kb/163846

This give the BUILTIN\Users write access to all files in the given directory independent which user has create it.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文