I have an application that has script files which are stored in Program files. Users can edit and override these scripts, which are then stored in "my documents/app scripts". I've added an elevated application that will be run by the user (and prompt for elevation) which can delete exiting all user scripts, or publish scripts to be made available for all users. This application uses MoveFileEx to move the file from the local location to program files, however, when it gets there the file has a padlock overlay icon meaning not all users can access the file, and indeed, when you look at the security for the file there is no entry for the USERS group.
My question is this. How can I programmatically modify the DACL to allow USERS read/execute permissions on the file?