Vista's data redirection into the new "virtual store" killing my app - advice?

Question

 Now that Vista no longer lets you write files to the "Program Files" directory (after the initial install) my app doesnt work correctly.  The new Vista security design feature  (aka the newly introduced MS redirecting driver) now takes the files that were going to the the "Program Files\ myApp\"  directory and redirects them the users local profile into a "Virtual Store" directory.   I completely understand the MS necessity to do this to help maintain security\integrity. 

Per the link below, it discusses how applications run as a standard user, even if your logged on as the administrator running the app.  The articles states you can "mark" certain applications as needing the full administrator token when running - evidently you do this in the application compatibility database somehow? Can anyone tell me how? 

Can anyone direct me as to what "common courses of action" developers and software engineers are taking to make legacy app's that are used to writing log files or other data to the "Program Files\YourApp" directory now work in Vista's user centric environment? 

I hate to think that all applications will have to start writing more data to the users profile, making it even more bloated that it currently is.

For more info on Vista's new data redirection/virtualization, User Account Control (UAC), and the Application Information Service (AIS)  read more at 

http://www.microsoft.com/technet/technetmag/issues/2006/05/FirstLook/

Answer 1

It's really pretty simple. Just Right Click on the Icon for the program or it's shortcut and go to Properties.  On the Compatibility tab at the bottom is a check box to select to Run as Administrator.  There is also an option at the top to run it in a mode from a prior operating system. I would recommend also setting this to XP service pack 2 mode.

Answer 2

I had a similar problem with some of our security programs. The way to get around that is by finding out which folders and files vista is keeping in the virtual store and give modify security access to those folders and files inside program files to the users that need access to it. Vista only puts files in that directory that are continually being modified like a database or log of some sort. Once you have done that then simply delete the files in the virtual store and your program will from then on only run the files found in program files.

 

Answer 3

Eeesh.  Don't do this.  Giving people the ability to create files under your program directory is a surefire way to weaken the security of the system.

 

During installation, make a data directory somewhere under CLSID_COMMON_APPDATA, and specify an ACL that allows for user writes, if you absolutely need a global, writable location.

 

If your installer doesn't have native support for changing acls, write some custom code to set the ACL for you.  Probably the easiest way I have seen thus far is using this function:

ConvertStringSecurityDescriptorToSecurityDescriptor

http://msdn.microsoft.com/en-us/library/aa376401(VS.85).aspx

 

In conjunction with CreateFile, CreateDirectory, or what have you.

 

Hope this helps.

Answer 4

I read the environment variable, "LOCALAPPDATA" and if it contains anything then I know we are on vista machine. This environment variable doesn't seem to exist on anything other than Vista. I then modify my application path to include, underneath it, the information that is contained in that environment variable.

 

For example, my app path is c:\program files\super-program

 

The environment variable LOCALAPPDATA is set with: c:\users\rdmachine\appdata\local

 

My finished path is: c:\users\rdmachine\appdata\local\program files\super-program\

 

Hope this helps!

Dave 

Answer 5

 

Oops, my finished path is: 

 

c:\users\rdmachine\appdata\local\virtualstore\program files\super-program\

Answer 6

 

Did anyone else try DACataldo's workaround? We've got the same problem and a lot of legacy code to modify.

Answer 7

Code Snippet

a lot of legacy code to modify.

 

 

If you're changing code, why not FIX the code instead of hack around file virtualization?

Answer 8

David Tyler Hunt wrote:

Code Snippet a lot of legacy code to modify.     If you're changing code, why not FIX the code instead of hack around file virtualization?

 

Agreed 100% Particularly given that File Virtuallization WILL be removed in a future release of Windows and if you just hack around it now, chances are you'll end up with a lot of legacy code to modify in the not too distant future anyway.

Answer 9

I'm hoping someone, anyone, can help me.  When I download, it appears to go through the right motions, buy when I check the downloads it's not there.  I can click on file, open, and the file is in the list, but when I click to open it, I get the message that it can't be found.  Also, my downloads box (Vista) doesn't hold my downloads.  It shows as it is downloading, but when it's finished, it just disappears.  There are no downloads showing in my downloads, although I have tried many times to do so. 

Answer 10

you need to embeded application manifest file with elevationlevel to requireAdministrator.

 

 

Answer 11

Or, more correctly, as requestedExecutionLevel of asInvoker, and write to a location that doesn't require administrative privileges.

Answer 12

Hey guys, we aren't all C experts and I, for one, have zero desire to get terribly deep into knowledge an operating system that seems to have worked so hard to make things difficult for legacy code. We should not have to modify our code and redistribute to clients just because a new version of the OS comes out.

 

It seems obvious that the "proper" solution to this problem is to locate your program's files under My Documents. But it's a lot easier and no code involved to just stop installing into c:\program files.

 

Answer 13

I was also came across the same problem. Now I ave also got some tips. thanks for the post.

Answer 14

Dave,

You had mentioned in 2008 that your final path to install in the virtual folder is below:

final path:   c:\users\rdmachine\appdata\local\virtualstore\program files\super-program\

How do you find out the username:  "rdmachine"

Are you fimiliar with VS2005?  I am using thier install package and have a couple questions about it.

Paul

01-22-09

Answer 15

Use the builtin "whoami" command on the command prompt.