Security concerns with moving temp folder in Windows 7

0

I'm thinking about moving the Windows 7 temp folders to a different partition to prevent excessive fragmentation. However, my concern is that if I simply change %TEMP%, user-specific temporary files will lose their protection against read or write attempts from processes of different users.

Is my concern justified? How do I work around this?

dlldl

Posted 2011-03-11T21:40:47.963

Reputation: 3

Well %temp% is per user, isn't it? So is your fear justified? – None – 2011-03-11T21:49:45.510

@Randolf: One does not need %temp% to double-click their way into another user's directory. – user1686 – 2011-03-11T21:53:54.507

I know this is largely unhelpful, but the solution to keeping your OS drive unfragmented is making your OS drive an SSD. ;) – Shinrai – 2011-03-12T00:23:23.767

Answers

1

The protection is based on standard NTFS access lists. By default, they inherit the ACL from the user profile directory.

  • When you create the temp folder, lock it down:

    icacls "%Temp%" /grant:r %Username%:F

    (/grant:r will replace the existing inherited permissions.)

    Alternatively, right-click on your new temp folder, click Properties and open the Security tab.

  • If you are going to batch-create the folders for all users, make sure you have their ownership right.

user1686

Posted 2011-03-11T21:40:47.963

Reputation: 283 655
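
The lock-down described in the answer, followed by a check that the resulting ACL really excludes other accounts, as an added PowerShell example that is not part of the original answer. The `D:\Temp` root and the choice to also allow SYSTEM and Administrators (as on a default profile directory) are assumptions.

```powershell
# Added example. Assumptions: D:\Temp is the new temp root on the other partition,
# and the script runs as the user who will use the folder.
$dir = Join-Path 'D:\Temp' $env:USERNAME
New-Item -ItemType Directory -Path $dir -Force | Out-Null

$me      = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$trusted = @($me, 'S-1-5-18', 'S-1-5-32-544')   # this user, SYSTEM, Administrators

# /inheritance:r drops the ACEs inherited from D:\Temp; /grant:r replaces any
# earlier explicit grant for the same principal. The *SID form avoids localized names.
$grants = $trusted | ForEach-Object { '*{0}:(OI)(CI)F' -f $_ }
& icacls.exe $dir /inheritance:r /grant:r $grants | Out-Null
if ($LASTEXITCODE -ne 0) { throw "icacls failed with exit code $LASTEXITCODE" }

# Re-read the ACL and collect anything that could let another account in.
$acl     = Get-Acl -Path $dir
$sidType = [System.Security.Principal.SecurityIdentifier]
$rules   = $acl.GetAccessRules($true, $true, $sidType)   # explicit + inherited, as SIDs
$problems = @()
if (-not $acl.AreAccessRulesProtected) { $problems += 'inheritance is still enabled' }
foreach ($r in $rules) {
    $sid = $r.IdentityReference.Value
    if ($r.AccessControlType -eq 'Allow' -and $trusted -notcontains $sid) {
        $problems += ('{0} is allowed {1}' -f $sid, $r.FileSystemRights)
    }
}
# The owner can always rewrite the ACL, so it must be a trusted principal too.
$owner = $acl.GetOwner($sidType).Value
if ($trusted -notcontains $owner) { $problems += "owner is $owner" }

if ($problems.Count -gt 0) {
    throw ('Temp folder is not locked down: ' + ($problems -join '; '))
}

# Only after the check passes, point the per-user variables at the new folder.
# New processes pick this up; running ones keep the old value.
[Environment]::SetEnvironmentVariable('TEMP', $dir, 'User')
[Environment]::SetEnvironmentVariable('TMP',  $dir, 'User')
```

When folders are batch-created for other users from an administrative account, build `$trusted` from the target user's SID instead of the current identity, so that the owner check catches folders still owned by an unexpected account.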