But why call a directory ProgramData when you can't use it for data? Al -----Original Message-----
I think pretty much since Win 2000 (and certainly with XP), if I wanted a "restricted" or "standard" user to be able to write to a location (or my software to write to a location when run by such a user), I either needed to make that location be inside the user's "profile" (\Documents and Settings\[username]\somewhere on 2000 or XP, or \Users\[username]\somewhere, or \Users\Public\somewhere on later OSes), or grant explicit rights to the user for location via the Security tab of the Properties window. I am pretty sure that's been the case starting from the first NT-based OS and NTFS file system. I think part of the confusion has been that developers and most users have ignored repeated recommendations that nobody should ever run as anything except a restricted user unless they are installing something. If you run with higher level permissions, then every location "just works", and people got seduced by that. Again-- I don't think that restricting access to different locations for different grades of users is a worthwhile "security" measure, because malware authors can make ANYTHING work ANYWHERE. But such restrictions are not in any sense "new". They simply don't come into play if you don't also follow recommendations to not run as Administrator or Power User. Ken Dibble www.stic-cil.org _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/000901cf65cc$d62c8790$828596b0$@com ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
