Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 240
  • Last Modified:

admin account vs user account in windows

Hi,

I have a file in C:\Program Files\etc etc...

I never realized that I could read / write from these files without any issues simply because my user account had admin rights.

I am always refused access to these files if I use an account that does not have admin rights. Something like

Code:
CStdioFile file;

if (!file.Open("C:\\test.txt", CFile::modeReadWrite)) {
    cout << "couln't open file";
}
else {
    cout << "file opened ok";
}

will always fail in my non admin account. Is there anyway to tell the OS the user can access this file through my app?

Thanks
0
ragin_cajun
Asked:
ragin_cajun
  • 2
1 Solution
 
jkrCommented:
As an admin, use

cacls.exe /e /g yourotheraccount:f c:\test.txt
0
 
ragin_cajunAuthor Commented:
Hi jkr, it seemed to work, but is there any way to do it programatically at runtime right before the file is accessed, then set back to normal access rights?

Otherwise I would have to ask the administrator to change the permission for all users on all the files accessed each time they do an install.

Thanks
0
 
jkrCommented:
>> but is there any way to do it programatically at runtime right before the file is accessed

That's sourt of pointless. When your program is not running under the admin account, you cannot change the access mode anyway. But, if you really want to know that:

   LPTSTR FileName = "C:\\test.txt";
   LPTSTR TrusteeName = "Everyone";

   DWORD InheritFlag = NO_INHERITANCE;
   ACCESS_MODE option = GRANT_ACCESS;
   EXPLICIT_ACCESS explicitaccess;

   PACL ExistingDacl;
   PACL NewAcl = NULL;
   PSECURITY_DESCRIPTOR psd = NULL;

   DWORD dwError;

   dwError = GetNamedSecurityInfo(
                       FileName,
                       SE_FILE_OBJECT,
                       DACL_SECURITY_INFORMATION,
                       NULL,
                       NULL,
                       &ExistingDacl,
                       NULL,
                       &psd
                       );

   BuildExplicitAccessWithName(
         &explicitaccess,
         TrusteeName,
         GENERIC_READ | GENERIC_WRITE | STANDARD_RIGHTS_ALL,
         SET_ACCESS,
         InheritFlag
         );

   //
   // add specified access to the object
   //

   dwError = SetEntriesInAcl(
           1,
           &explicitaccess,
           ExistingDacl,
           &NewAcl
           );

   //
   // apply new security to file
   //

   dwError = SetNamedSecurityInfo(
                   FileName,
                   SE_FILE_OBJECT, // object type
                   DACL_SECURITY_INFORMATION,
                   NULL,
                   NULL,
                   NewAcl,
                   NULL
                   );
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now