I'm modifying an old C++ program to run on Vista. It does not require Admin privileges.
I've changed the code to put logfiles in \ProgramData\MyApp\
. These logfiles are written with the stdio
functions (fopen
, fprintf
, fclose
).
Here's the problem:
UserA runs the program first, it creates
\ProgramData\MyApp\MyLogFile.txt
usingCreateFile()
UserB runs the program next, it tries to append to
MyLogFile.txt
and gets access denied.
I tried creating a null SECURITY_DESCRIPTOR
and passing that to CreateFile()
. That does create a file with "no permissions assigned", but it seems as if the first user to write to the file takes ownership and afterwards all the other non-admin users are out of luck.
It's important that all users share the same logfiles, but it's also important that I change as little code as possible.
Edited to add:
\ProgramData\MyApp
is created by a standard Visual Studio installer. (I don't see any place to set directory security.) When it creates \MyApp
it grants Users
these permissions:
Read & execute
List folder contents
Read
Special permissions
Under Advanced
I see that Special permissions includes:
Create files / write data
Create folders / append data
Write attributes
Write extended attributes