Archive: File ownership and RequestExecutionLevel


File ownership and RequestExecutionLevel
We install a driver and futz with HKLM a bit, so our setup runs as Administrator. The application itself doesn't need to run as admin and we'd like to keep it that way if possible. However any files created or installed by the installer have "Administrators" for an owner and aren't modifiable if the app is not running as admin.

When running the installer is there any way of (a) determining the user prior to UAC elevation to "Administrators", and (b) setting the owner of the installed writable files to that user -- or -- setting the permissions within the installer such that other users can modify the files?

Thank you!


You can use AccessControl to modify file permissions. I don't know how to determine the original user, but a better solution would be having your application keep data in the Application Data folder and not Program Files anyway.


...but anyway if you do it not as advised you should get the GROUP the user belongs to, not the user itself only.

There is an API for this, do not recall from top of my head. Searching the web will help.


Thanks both. Absolutely we should be storing volatile files in Application Data, but we've got to change the documentation, modify tech behavior, etc. So for the short term I'll try the above.

The USERNAME variable has the current user in it even when running as admin.

The UserMgr plugin has some nice user/group management features, but nothing to get the group from the user. I'll keep scrounging around or write my own if I have to.

Thanks again!