ansaurus

Question

Safe Storage Locations for Any User, C#, Windows

Answer 1

+1 A:

You should be able to write to any folder whose permissions are set to allow Everybody. You can set those permissions inside your installer, or even by hand.

egrunin 2010-09-13 21:44:16

If the folder does not exist yet, my application will throw the exception whenever it tries to create it.

jp2code 2010-09-13 21:50:53

So you are running as a 'User' when you attempt to create a directory in this location? You should be able to create directories there. Take yourself outside of .NET, is there something inside your corporate environment that disallows this? You might check if you can create one manually through explorer.

Wil P 2010-09-13 22:01:26

@egrunin: Where could I find a good technique for doing this? I already know how to get into the Installer class. I just need to know how to edit/set permissions on a folder. If this is done from an installer, I take it I would be able to use the current User ID (assuming he/she is Super User or Admin). I've seen a few examples, but they are all very different.

jp2code 2010-09-15 11:55:34

Answer 2

+1 A:

I use CommonApplicationData and it seems to work fine with one caveat. I found that if an admin creates the subdirectory within the CommonApplicationData path then other users who are 'non-admin' cannot delete that directory. You may need to add a FileSystemAccessRule to the DirectoryInfo object when you create the sub directory contained within CommonApplicationData. There is an overload to the create method that allows you to specify an object of this type.

Edit: with code snippet.

public static void CreateWithEveryoneFullControlIfAdmin(this DirectoryInfo source)
{
    if (IsAdmin())
    {
        DirectorySecurity directorySecurity = Directory.GetAccessControl(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData));
        FileSystemAccessRule accessRule
            = new FileSystemAccessRule(@"BUILTIN\Users", FileSystemRights.FullControl,
                InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit,
                PropagationFlags.None,
                AccessControlType.Allow);

        bool modified = false;
        directorySecurity.ModifyAccessRule(AccessControlModification.Add,
            accessRule,
            out modified);

        if (modified)
        {
            source.Create(directorySecurity);
        }
        else
        {
            source.Create();
        }
    }
    else
    {
        source.Create();
    }
}

public static bool IsAdmin()
{
    WindowsIdentity identity = WindowsIdentity.GetCurrent();
    WindowsPrincipal principal = new WindowsPrincipal(identity);
    return principal.IsInRole(WindowsBuiltInRole.Administrator);
}

Wil P 2010-09-13 21:44:19

Rats! Nope, this code gave me the error too. I was hoping it would work, though.

jp2code 2010-09-13 22:19:13

Given your stack trace I wonder if something else has a handle to log file stored in CommonApplicationData, what are you using for logging?

Wil P 2010-09-13 22:48:11

It is a custom function that accepts the exception and passes in the file/routine that threw the exception - so I can trace down where the problem came from!

jp2code 2010-09-14 14:07:24

Well, based on reviewing you stack trace I'd be suspicious that you have a lock on the file because another operation already has the file open and is writing to it.

Wil P 2010-09-14 14:33:43

+1. I do lock the file, and there is threading going on. That could be a possibility. I'm not sure why the Public account would be the only one experiencing this, though.

jp2code 2010-09-15 11:52:31

Answer 3

+2 A:

I know you said you don't want to use IsolatedStorage because you don't want each user to have to have their own setup.

But have you looked at IsolatedStorage using the MachineStore? If I understand correctly (and I could be wrong, wouldn't be the first time) this should be shared by all users accessing your application.

using(IsolatedStorageFile store = IsolatedStorageFile.GetMachineStoreForApplication())
{
    // check if file exists or not
    try
    {
        using(IsolatedStorageFileStream isfs = new IsolatedStorageFileStream(STG_FILE_NAME, FileMode.OpenOrCreate, store)) {
            StreamWriter sw = new StreamWriter(isfs);
            foreach(string key in m_values.Keys) {
                sw.WriteLine(key + "::" + m_values[key]);
            } // foreach
            sw.Flush();
        } // using
    } catch(IOException) {
        // generally because file is locked by another process...do nothing
    }
} // using

Alternatively, you could change your application's config file's permissions to allow everyone access. This could be done by a privileged user the first time your app is run.

http://www.techtalkz.com/c-c-sharp/153732-saving-files-so-any-user-can-access-them.html

FileInfo fileInfo = new FileInfo(path);
FileSecurity fileSecurity = fileInfo.GetAccessControl();
fileSecurity.AddAccessRule(new FileSystemAccessRule(
    "Users",
    FileSystemRights.FullControl,
    AccessControlType.Allow) );

fileInfo.SetAccessControl(fileSecurity);

Zippit 2010-09-13 21:47:20

Answer 4

+1 A:

OK, here is my two cents hope it helps you.

If you can hard-code some admin level credentials in your program, you may use impersonation for that part of the code that needs access to folders. Have a look here:

http://www.codeproject.com/KB/cs/cpimpersonation1.aspx

Personally, however, I would favour storing in ApplicationData.

Aliostad 2010-09-13 22:04:39

Great Idea! However, our Network Administrator claims Sorbanes-Oxley act prevents him from creating an Admin account with a static password.

jp2code 2010-09-15 11:56:51

ansaurus

tags:

views:

answers:

Safe Storage Locations for Any User, C#, Windows

related questions