Solved

admin account vs user account in windows

Posted on 2004-04-19
3
237 Views
Last Modified: 2013-11-20
Hi,

I have a file in C:\Program Files\etc etc...

I never realized that I could read / write from these files without any issues simply because my user account had admin rights.

I am always refused access to these files if I use an account that does not have admin rights. Something like

Code:
CStdioFile file;

if (!file.Open("C:\\test.txt", CFile::modeReadWrite)) {
    cout << "couln't open file";
}
else {
    cout << "file opened ok";
}

will always fail in my non admin account. Is there anyway to tell the OS the user can access this file through my app?

Thanks
0
Comment
Question by:ragin_cajun
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 10860721
As an admin, use

cacls.exe /e /g yourotheraccount:f c:\test.txt
0
 
LVL 1

Author Comment

by:ragin_cajun
ID: 10860878
Hi jkr, it seemed to work, but is there any way to do it programatically at runtime right before the file is accessed, then set back to normal access rights?

Otherwise I would have to ask the administrator to change the permission for all users on all the files accessed each time they do an install.

Thanks
0
 
LVL 86

Accepted Solution

by:
jkr earned 100 total points
ID: 10861493
>> but is there any way to do it programatically at runtime right before the file is accessed

That's sourt of pointless. When your program is not running under the admin account, you cannot change the access mode anyway. But, if you really want to know that:

   LPTSTR FileName = "C:\\test.txt";
   LPTSTR TrusteeName = "Everyone";

   DWORD InheritFlag = NO_INHERITANCE;
   ACCESS_MODE option = GRANT_ACCESS;
   EXPLICIT_ACCESS explicitaccess;

   PACL ExistingDacl;
   PACL NewAcl = NULL;
   PSECURITY_DESCRIPTOR psd = NULL;

   DWORD dwError;

   dwError = GetNamedSecurityInfo(
                       FileName,
                       SE_FILE_OBJECT,
                       DACL_SECURITY_INFORMATION,
                       NULL,
                       NULL,
                       &ExistingDacl,
                       NULL,
                       &psd
                       );

   BuildExplicitAccessWithName(
         &explicitaccess,
         TrusteeName,
         GENERIC_READ | GENERIC_WRITE | STANDARD_RIGHTS_ALL,
         SET_ACCESS,
         InheritFlag
         );

   //
   // add specified access to the object
   //

   dwError = SetEntriesInAcl(
           1,
           &explicitaccess,
           ExistingDacl,
           &NewAcl
           );

   //
   // apply new security to file
   //

   dwError = SetNamedSecurityInfo(
                   FileName,
                   SE_FILE_OBJECT, // object type
                   DACL_SECURITY_INFORMATION,
                   NULL,
                   NULL,
                   NewAcl,
                   NULL
                   );
0

Featured Post

 Watch the Recording: Learning MySQL 5.7

MySQL 5.7 has a lot of new features. If you've dabbled with an older version of MySQL, it is definitely worth learning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Dialogs (1) modal - maintaining the database. Continuing from the ninth article about sudoku.   You might have heard of modal and modeless dialogs.  Here with this Sudoku application will we use one of each type: a modal dialog …
In this post we will learn different types of Android Layout and some basics of an Android App.
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question