I would like to know if it is possible to map a web directory in windows.
That is to say, that a user, can have access only to a web directory, for example, www.site.com/directory/ and that from the windows explorer can add, delete, modify, etc... as if it were a computer unit. And that all this is in the safest way possible.
I tried to add it from "Connect network drive" but I didn't get it. I don't know the procedure to follow in this case or even if this is possible to do.
It seems that what you want to do is called an FTP server. You should check it out ;)
Related
I need to make "sandbox" to run scripts and applications (PHP, Perl, exe files, Ruby, and so on). But interpreters needs to be accesible to run and only one folder can be accessible to be changed. Also it will be great to allow application to be launched with quotas on hard drive. What do I need to use in this case?
I need solution in C#
You could just setup windows Security to allow this, select the folder you wish the user to access to and set permissions on it (right click, properties, security). The problem with this approach is you need to find all other folders and revoke access to them if you don't want the user using them (ie EVERYONE and USERS access).
Alternativly have a peek at the WinJail package which does as you require. (CHROOT/JAIL implimentation for windows).
You might need to create some sort of virtual drive.
Look at this
creating virtual hard Drive
and a csharp library to play with virtual drives
http://dokan-dev.net/en/
Hope this help
You can set a filesystem filter on all file operations and control them this way, but such wide filter will slowdown operations significantly, especially if checks are done in user mode (via callbacks). You can test our CallbackFilter product, which lets you do the above in C#, but be ready for slowness.
I'm writing a desktop app and need a folder which...
Exists in Windows 7 and Vista
Is common to all users (for store config data).
Application can save data on it, without Admin privileges (not like "ProgramData").
is standard (I don't want to create another app specific folder in "C:", the Desktop or other place alike.)
"Program Files" is not an option, of course.
Can you suggest an appropriate folder, or better use the Registry?
The recommended way to do this is to create a folder at install time, dedicated to your application, underneath "ProgramData" (i.e. CSIDL_COMMON_APPDATA/FOLDERID_ProgramData).
As you already know, the CSIDL_COMMON_APPDATA folder is read only for standard users. So your install program needs to give the folder that it creates an ACL that permits the access that you require.
This is the solution that meets all the criteria laid out in your bullet points.
You mention the registry. There is no area of the registry that is shared between all users and yet writeable by standard users. Whilst you can use ACLs to grant more permissive access rights to the registry, it is really not the done thing. Please forget that I even mentioned this possibility!
IF your app is .NET then use CommonApplicationData - you can get the real location by calling GetFolderPath.
EDIT - as per comments:
You need to setup ACL correctly - for sample source code on how to do this see http://www.codeproject.com/Tips/61987/Allow-write-modify-access-to-CommonApplicationData
What about Public User directories? For Example: C:\Users\Public\Libraries or C:\Users\Public\Documents
I've noticed these folder on several of my Windows 7 machines. I'm not sure if it is always there, but might be an option. I was hoping for something like an %appdata% for the Public User, but the closest thing I found was Public\Libraries.
(As a side note, it appears C:\Users\Public\Desktop does require admin to write to.)
what about using %APPDATA%/Company/Product for the directory?
I need to migrate a huge application to Windows Azure. The application uses SHGetSpecialFolderLocation() and related WinAPI functions to obtain path to "special folders" like %PUBLIC% ("c:\Users\Public\" by default on Windows 2008) and later stores stuff in that folder.
Can such special folders be accessed on Windows Azure?
You can definitely use the API and it will work just like normal Windows. The API is not the issue, but rather what you do with it that could be an issue. Unless you have a startup task or some other way to persist any changes that you write to these locations, they will be lost at the next service healing. For instance, if you asked for %SYSTEMROOT%, you would get "D:\Windows" in Windows Azure. That is great except when you go ahead and write a file you expect to persist into this location. The same thing goes to changes to the registry. The only way you can depend on these changes is to do it within a Startup task or some other mechanism to make sure that even after a service healing you would be back in the same state.
I'm building a product that involves
a windows service caching data on the local machine,
user processes reading that data and writing their own data,
the service in turn writing back that data to a server.
Where should I put the data files for this, such that they'll be shared by all users and read/writable? The software will operate in a corporate environment where desktops are sometimes pretty locked-down, so for instance some users won't have write rights to C:\Program Files.
I don't think C:\Documents And Settings\All Users\Application Data\ is a good candidate - I think by default only Admins & Power Users have write access here.
I could use each user's Application Data folder, but this would be a bit of a pain as different people could use each machine ... so it'd be simpler if there was just one shared location.
I'm developing in C# .net 2005, but that's probably not too relevant.
Unfortunately you have no real choice. You must (you really must) call SHGetSpecialFolderLocation to get the path to c:\users\public\AppData (which is the name of the folder you linked above, but on Vista and possibly Windows 7)
Then you MUST create your own app folder therein. And then, you MUST, use the security APIs to modify the ACL of the created folder.
There is NO folder on the system with a default ACL that allows multiple non administrator users to read AND write the same files.
c:\users\public\AppData is the closest. Modifying the ACL of a application folder here seems the best approach. Of course, once one has resorted to ACL modification, the folder really could be created anywhere at all. But that could surprise system administrators and result in weired security holes.
There does not appear to be any good software to mount an FTP to a local drive letter (see here for details SF Question) so I was thinking why not just write it myself, but I have very little experience dealing with windows (at the programming level) so what would be involved in doing something like this? What needs to be done to get a new "drive" listed under "My Computer"? What needs to be done to then get the contents of the FTP (or other remote resource) listed that "drive"?
My initial thought would be you would need to write a shell extension to be able to show your FTP site, and that it would best be shown as a special folder in Windows Explorer. Your extension would ideally be written in a non-managed language that supported COM (C++, VB 6, etc). It would need to respond to events like:
The user highlighting a folder on the server
The user double-clicking on a folder on the server
The user dragging and dropping files to and from the server
The user wanting to disconnect/reconnect from the server
When you intercept these events you would issue the appropriate FTP command to accomplish the task (use LIST to get the contents of a directory, MKD to create a directory, STOR to upload a file, etc). You would have to take the results of these commands and show them in the folders view and the listview within Windows Explorer, and for that you will likely need to get up close and personal with the Win32 API. For that you can turn to books like Charles Petzold's classic Programming Windows. Also check out this tutorial on writing shell extensions.
It sounds like an interesting project.