Permissions on new created files (Windows 7 specific)?

3

Maybe a noob question, but how ALCs are determined on new created files (by running MyApp.exe)? I'd like to grant "users" full control on new files created inside C:\ProgramData\MyApp when launching myapp.exe. However this is not working:

icacls "%ProgramData%\MyApp" /grant "Users":(OI)(CI)F
echo "" >> "%ProgramData%\MyApp\test.txt"

test.txt of course has right permissions (full control by users group). However when i run MyApp.exe it creates a tons of files in "%ProgramData%\MyApp" but without any ACLs information.

Where i'm wrong? Thanks a lot.

user34295

Posted 2011-06-06T23:39:58.453

Reputation: 205

Answers

2

The CreateFile() Win32 API allows specifying a custom security descriptor to be applied for new files. It could be that the author of MyApp, instead of using NULL, specified a valid but empty descriptor, resulting in the lack of ACLs.

user1686

Posted 2011-06-06T23:39:58.453

Reputation: 283 655

Asked: 2011-06-06T23:39:58.453

Viewed: 2 877 times

Active: 2011-06-07T11:03:04.333