Solved

admin account vs user account in windows

Posted on 2004-04-19
3
228 Views
Last Modified: 2013-11-20
Hi,

I have a file in C:\Program Files\etc etc...

I never realized that I could read / write from these files without any issues simply because my user account had admin rights.

I am always refused access to these files if I use an account that does not have admin rights. Something like

Code:
CStdioFile file;

if (!file.Open("C:\\test.txt", CFile::modeReadWrite)) {
    cout << "couln't open file";
}
else {
    cout << "file opened ok";
}

will always fail in my non admin account. Is there anyway to tell the OS the user can access this file through my app?

Thanks
0
Comment
Question by:ragin_cajun
  • 2
3 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 10860721
As an admin, use

cacls.exe /e /g yourotheraccount:f c:\test.txt
0
 
LVL 1

Author Comment

by:ragin_cajun
ID: 10860878
Hi jkr, it seemed to work, but is there any way to do it programatically at runtime right before the file is accessed, then set back to normal access rights?

Otherwise I would have to ask the administrator to change the permission for all users on all the files accessed each time they do an install.

Thanks
0
 
LVL 86

Accepted Solution

by:
jkr earned 100 total points
ID: 10861493
>> but is there any way to do it programatically at runtime right before the file is accessed

That's sourt of pointless. When your program is not running under the admin account, you cannot change the access mode anyway. But, if you really want to know that:

   LPTSTR FileName = "C:\\test.txt";
   LPTSTR TrusteeName = "Everyone";

   DWORD InheritFlag = NO_INHERITANCE;
   ACCESS_MODE option = GRANT_ACCESS;
   EXPLICIT_ACCESS explicitaccess;

   PACL ExistingDacl;
   PACL NewAcl = NULL;
   PSECURITY_DESCRIPTOR psd = NULL;

   DWORD dwError;

   dwError = GetNamedSecurityInfo(
                       FileName,
                       SE_FILE_OBJECT,
                       DACL_SECURITY_INFORMATION,
                       NULL,
                       NULL,
                       &ExistingDacl,
                       NULL,
                       &psd
                       );

   BuildExplicitAccessWithName(
         &explicitaccess,
         TrusteeName,
         GENERIC_READ | GENERIC_WRITE | STANDARD_RIGHTS_ALL,
         SET_ACCESS,
         InheritFlag
         );

   //
   // add specified access to the object
   //

   dwError = SetEntriesInAcl(
           1,
           &explicitaccess,
           ExistingDacl,
           &NewAcl
           );

   //
   // apply new security to file
   //

   dwError = SetNamedSecurityInfo(
                   FileName,
                   SE_FILE_OBJECT, // object type
                   DACL_SECURITY_INFORMATION,
                   NULL,
                   NULL,
                   NewAcl,
                   NULL
                   );
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Displaying information on the statusbar.   Continuing from the third article about sudoku.   Open the project in visual studio. Status bar – let’s display the timestamp there.  We need to get the timestamp from the document s…
Introduction: Ownerdraw of the grid button.  A singleton class implentation and usage. Continuing from the fifth article about sudoku.   Open the project in visual studio. Go to the class view – CGridButton should be visible as a class.  R…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question