I know that commonappdata (All Users) can hold system-wide application settings, but under Vista/7 non-elevated users can't write to that directory.
Is there a folder which is shared among users and any non-admin user can write to it?
Here is why I need this: My app is installed in PF directory by an Inno Setup installer with elevated rights. Then when the actual non-admin user runs the program, it copies its settings to the user's AppData directory using another non-elevated Inno Setup installer. Upon deinstalling the program (initiated by the system-wide installer with admin rights) I want to uninstall the program's files from each users' AppData directory.
I can think of two solutions: 1. Getting a list of Windows users and iterating through their AppData dirs (seems way too complicated) 2. Storing the paths to the uninstallers in the above mentioned common user data directory.
Any ideas?
Thanks!
"Shared Documents" Directory in Windows XP
C:\Documents and Settings\All Users\Documents
Or,
%ALLUSERSPROFILE%\Documents
Corresponding directory in Vista/7
C:\Users\Public
Or,
%PUBLIC%\Documents
But what you are really looking for, is the KNOWNFOLDERID value of FOLDERID_PublicDocuments (legacy CSIDL_COMMON_DOCUMENTS). The SHGetFolderPath function can then get you the path.
Or an easier VBScript alternative, but I'm not sure how reliable this is across OS versions:
Const CSIDL_COMMON_DOCUMENTS = &h2e
Set oShell = CreateObject("Shell.Application")
Wscript.Echo oShell.Namespace(CSIDL_COMMON_DOCUMENTS).Self.Path
I think NameSpace doesn't accept that particular constant. So you might be able to take COMMONAPPDATA = &H23 and then use its parent. But that's not very clean or internationalized:
Wscript.Echo oShell.NameSpace(&h23).ParentFolder.Self.Path & "\Documents"
But since you are using Inno Setup, you should really be using the {commondocs} Shell Folder Constant and make it easy for yourself.
The user owns the document folder. Expect files to be copied, moved, deleted or edited with another program if you put something there, because of the visibility to the user.
I suggest you to create a folder under the common application data (CSIDL_COMMON_APPDATA or FOLDERID_ProgramData) in your installer with a security descriptor that allows everyone access.
E.g.
[Dirs]
Name: "{commonappdata}\productname";Permissions:everyone-modify;
Would stuff under C:\Users\Public\ qualify for what you need?
Solution 1 looks quite reasonable to me. So every user control their and only their installation, and you control the central shared installation.
For solution 2 you can create a write-allowed folder in a well-defined location so that your installer knows about it, or use a registry key for the same purpose. But keep in mind that this may create a security hole because anyone could tamper with uninstall paths of other users.
来源:https://stackoverflow.com/questions/4484305/is-there-a-shared-folder-in-windows-to-which-non-elevated-users-have-write-acces