As pointed out in Writing config file in C:\Program Files (x86)\MyApp\myapp.cfg, vs. Administrator privilege, it is not a good idea to write a config file in C:\Program Files (x86)\MyApp\myapp.cfg
.
Instead of this, my software now saves its data in a subdir of %ALLUSERSPROFILE%
(ex : C:\ProgramData\MyApp\myapp.cfg
on Win7)
[I use myfile = open(filename, 'a')
in Python to do this.]
I now encounter an issue about this file :
User A
, and ran it, then the file C:\ProgramData\MyApp\myapp.cfg
was written.User B
, and ran my software again : now an error is displayed : User 2
has no right to write in C:\ProgramData\MyApp\myapp.cfg
(Permission denied
).Why? Isn't %ALLUSERSPROFILE%
a place that can be written by all users?
How to solve this problem ?
No, C:\ProgramData
, aka FOLDERID_ProgramData
, has restricted security settings. Standard users can create files there. But these files are, by default, secured so that only the user that created the file can subsequently modify the file.
The recommended solution is for your installer to create a sub directory of C:\ProgramData
for your shared storage. And that sub directory must be given a permissive ACL by the installation program. That is what grants the desired access to all standard users.
I do wonder whether you really need shared writeable data. Normally I'd expect to see shared configuration be something that is specified at install time and modified infrequently by administrators. Most configuration data tends to be per user.