My installer fails when it tries to write a shortcut to the desktop when it doesn't have permission to write to the desktop.
(I know the best solution is to simply give the appropriate permissions, and we actually do this, but my boss INSISTS on allowing the installation to continue successfully should the permission to write the shortcut to the desktop be denied and he has instructed our team to test it by intentionally denying that permission.)
So, other than setting the appropriate permissions, is it possible to write a file only if writing permissions for that folder exist? I thought perhaps I could put in a Condition element that checks file permissions. Is that possible?
I'm not very familiar/comfortable with WIX, so I may be overlooking something painfully obvious to a veteran.
Related
Quoting How to determine if you can write to a file with SFTP because of your group? ,
You could do mode & 00002 to see if a [directory] is writable by the public
and you could get a directory listing to and see if the owner of .
matches the user that you logged in with (although stat doesn't
usually return the longname for SFTPv3 servers, which is what you'd
need to get the username from that) but what about group permissions?
In the answer to that post it was suggested that a better way to test the writeability of a file with SFTP was to actually open that file for writing. eg. something analogous to fopen('filename.ext', 'w');.
My question is... what's the best way to determine the writeability of a directory with SFTP? You can't open a directory for writing like you can a file. My best guess: just attempt to upload a temporary file in the directory in question?
Like maybe use SSH_FXF_CREAT and SSH_FXF_EXCL? Altho the possibility that the file might already exist kinda complicates things. I guess a directory listing could be obtained and then one could attempt to upload a filename that doesn't exist but, the fact that this would require read permissions not withstanding it'd also not work as well if the directory was super large.
Any ideas?
What about a login script which would do a touch on that directory with that user?
If sshd would be used you could use a pam_script (pam auth module to execute a script) simply to simply do a touch testing_file_creation in your directory. You would need to add into your pam sshd configuration.
If the directory would not be writable you would get a message during your login
touch: testing_file_creation: Permission denied. Of course, you could do more fancy stuff with that but this would be the very basic.
I am using VSCode for my editor, but whenever I want to save the file, it always requires a password. I've searched for some of these related topics, there are some solutions I get that is giving full access to my code editor or changing folder permissions. I prefer to change permissions because giving root access to the code editor is more dangerous, but I am still confused because there are some permission options like using the 777 or 755 permissions, which one is the best fit for my case? I appreciate your answer.
I am new to Joomla and have been given the task of supporting a site that was created in Joomla 1.5.25. They keep getting errors that files are not writable. They also can't add or delete anything to and from the media manager even in a Super Administrator account. I was able to override these errors with changing folder permissions from 755 (Joomla's recommended permission set) to 777, but was wondering if there is a better way of going about this (I don't want to leave a security hole on their site with the 777 permission set). From what I have read through my research is Joomla permissions requirements can vary based on your hosting company, so I want to get other peoples input before I give my hosting company a call.
On a side note, is there a way of getting the error messages to display longer then 2 seconds?
Why don't you try changing the permissions only to the folders that are written to temporarily? Another solution is to find out under which user apache is running and make sure that user is the owner or at least in a group that owns your Joomla! directory.
The problem is that in our clients their normal user doesn't have administrator privileges so when they have to install or update our programs they have to log again as administrator to install them and then log as their user which is cumbersome...
As some updates are automatic the "run as" solution isnt a valid one...
One good idea would be to mark a folder as "admin folder" so all the exes executed from that folder run as administrator (having configured the admin account previously)
or a configurable a list of executable names that must run as administrator (i say names because it could be different installers with different hash but with a generic exe name that identifies it as ours)
Does anyone know a program or windows configuration or c# code to achieve something like this?
It seems nobody knows how to do it or doesnt want to tell because its a security hole...ironically having this escalating privileges hole would be better than having the user as administrator for everithing :S... (Appart from not being a valid solution for our clients)
My application (vb.net) sometimes throws an "access denied" exception when attempting to delete files in the AppData folder and I'm not sure why.
I confirm that the file exists before attempting to delete it and have not done anything to make it readonly, etc.
The interesting thing is that it seems to go okay when I'm logged in with Admin rights. However, I thought that the AppData folder did not require admin rights.
Any help would be greatly appreciated!
Thanks!
My gut instincts without seeing your code is that maybe you have this file opened in your program or in another program?
Maybe these files were created when you launched your application being logged on as Admin? So you get this error when you try to delete them later as normal user.
It is not necessarily the folder, but the Owner of the file you are trying to interact with. If the File is owned by Administrators, you may have problems.
AppData is a protected hidden folder because it is meant for your applications to store Local, LocalLow and Roaming application related data. This is why you would get prompted with a UAC prompt when you try to head into the folder and it is also hidden from view.
Try to use the Privilege demand attribute in your code to request process elevation to access the folder.