Windows Temp folder default NTFS security [closed] - windows

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
What are the default NTFS security settings of the C:\Windows\Temp folder in Windows 7?

SetACL is capable of listing the permissions of C:\Windows\Temp without first changing them. I retrieved the default permissions with the command setacl -on c:\Windows\Temp -ot file -actn list on a freshly installed system and verified on my system:
DACL(protected+auto_inherited):
Users FILE_ADD_FILE+FILE_ADD_SUBDIRECTORY+FILE_TRAVERSE allow container_inherit
Administrators full allow no_inheritance
Administrators full allow container_inherit+object_inherit+inherit_only
SYSTEM full allow no_inheritance
SYSTEM full allow container_inherit+object_inherit+inherit_only
CREATOR-OWNER full allow container_inherit+object_inherit+inherit_only
If you prefer a GUI application, SetACL Studio can list permissions from every part of the system without first changing them like Explorer. This is what C:\Windows\Temp looks like in SetACL Studio:

The following URL shows the Default NTFS Permissions in Windows 2000. It looks like google has not found an update for Windows 7. It is nevertheless a good starting point to see the NTFS Security settings for many standard directories like %Systemroot%\Temp.

Does it really matter? You aren't supposed to be hardcoding paths in your code anyway. What if that's not where I keep my temp folder, or that's not the name of my Windows directory, or I didn't install Windows on drive C? Does your application still work? Uh-oh.
Instead, call the GetTempPath function, which will return the path of the directory designed for storage of temporary files in the current environment. You can assume that you'll have all of the necessary read/write privileges in the directory that is returned.
If, as one might judge from some of your previous questions, you're writing code for the .NET Framework, this is all nicely wrapped up in the System.IO.Path.GetTempPath function.

Related

Can we change "Windows native commands" default system directory location [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed last month.
Improve this question
I want to get the windows system directory(i,e C:\Windows\System32) where windows native files(like cmd.exe, xcopy.exe, reg.exe, etc..) are available to prevent Process Hijacking in the batch file by adding an absolute path of .exe in batch file.
I can get this C:\Windows\System32 by using the below command,
%systemroot%\System32\
But I'm afraid that what if all windows don't have their native files always in the "System32".
So my questions are,
Can windows' default system directory will vary depending on windows versions or something?
Can we modify the default system directory ourselves?
These native files(.exe) are always been into the "System32"?
Can windows' default system directory will vary depending on windows versions or something?
Yes. The 32 suffix was only added to the System folder when 64bit versions of Windows started existing. Previously it was just C:\Windows\System
Can we modify the default system directory ourselves?
The name of the folder is hardcoded into the operating system and cannot be changed
These native files(.exe) are always been into the "System32"?
Taking the cmd.exe file as an example, it has had the same location since Windows XP, but in Windows 95/98 it used to be located directly in C:\Windows directory
Extra note inspired by comment from cup
64-bit versions of Windows has a SysWOW64 folder in C:\Windows which (confusingly enough) contains 32bit utilities to support execution of 32-bit applications on a 64-bit system.
But these are not the commands you're referring to, which will always be found as explained above.

Why can't the system find the path specified when making a symbolic link? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
C:\windows\system32>mklink /D U:\"Mobile Apps"\Repos C:\Users\LeiceJ\Source\Repos
The system cannot find the path specified.
I'm trying to set up a symbolic link so that I can access my Repository folder from the network drive. As Visual studio doesn't like network drives, I need to store things locally, but I'll be working from various computers in a network, so the only consistent file structure I'll have is the network drive. To prevent having to constantly dig through C drive folders every time I want to open anything, I want to create a symbolic link to the Repos folder.
Every time I try to create the link, I get this The system cannot find the path specified. error. The paths exist, both are correct. The only thing I can think might be throwing it off is that the link is from a network drive.
I think that the problem is because your link is an arborescence and that you are using the /D in place of /J, which can handle network locations.
"u:\mobile apps\repos" contains 2 folders (mobile apps & Repos)
It seems that mklink can't create 2 folders. So if you try so:
mklink /J "U:\Mobile Apps" C:\Users\LeiceJ\Source\Repos it will work.
You can also manually create a folder named "mobile apps" and then it will work.
Another point: it seems that you inverted the target with the link (but not sure). If you want to point the drive map U: as target when you enter "C:\Users\LeiceJ\Source\Repos", you need to invert the two parameters in your command.
TL;DR: Prefer mklink /J for this kind of manipulation, it handles network location.
How to Resolve Issues Creating Symbolic Link Directory
I ran into this same issue when I was trying to change the backup location for my iPhone because my C:/ drive was too full and my backup took up at least 20gbs so I wanted to move it to my extra hard drive (X:/). After attempting to do this over 20 times and continuous Googling, I found this article to be VERY helpful. This was specifically for changing the back up location for devices in iTunes but the steps should be very similar.
Steps:
Open File Explorer and navigate to folder location. The folder that you want to create a linked directory for should not be present. Press SHIFT key and right click in File Explorer middle view screen, you will get a pop-up menu.
Select "Open command window here".
Manually type in the following command where "D:\" is the new drive location (drive letter may vary) and "Backup" is the name of the folder you want to create a linked directory for.
Example:
MkLink /J "%APPDATA%\Apple Computer\MobileSync\Backup" "D:\Backup"
What Solved My Issues
Manually typing out the cmd command above. Yes, I know, it sounds crazy. However, try actually typing it out. This resolved my issue with the "path not specified". I typed out the exact same command that I was copy/pasting and it worked only when I manually typed it out.
Opening the command prompt from the folder location (step 2). This also helped resolve the "path not specified" error for me.
Making sure the original linked directory location did not exist already as a mapped directory will be created with the same name.
For reference: I'm using a desktop PC running Windows 7 64-bit.
Your speech marks are in the wrong place.
U:\"Mobile Apps"\Repos
...should be this...
"U:\Mobile Apps\Repos"
Full command:
mklink /D "U:\Mobile Apps\Repos" C:\Users\LeiceJ\Source\Repos

Is "run as an adminstrator " the highest level? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I'm currently using a tool to modify hosts file ,and it said i should run it as administrator to replace hosts file, and i did so.
but ,it still failed.
And when i manually copy hosts file to etc folder, Windows will also ask me to provide administrator permission to copy to the folder.
This refresh my opinion about Windows administration.I also have wrote some programs that need to be run as administrator, and it works fine,i never though there is something you can't do even run as administrator.
So,if "run as administrator" isn't the highest level, how could a application request a higher level?(eg. replace hosts file on my computer)
Here is what i found after posting this question:
1.Thanks guys below, your opinions inspired me.
2.It's surely not related to safe mode.
3.I manually right click on the host tool and select "run as administrator", it works!It can replace the hosts file!You guys can try it,if you run notepad as administrator, it will also can write to hosts file.
so,here is what i guess:
The system do have two administrator level.
When double click on the my hosts tool, it only requires the lower level of administrator,so it failed to replace hosts file.
But manually right click and run as administrator, the system will give the tool highest level,and it can replace hosts file.
Explorer.exe only have a lower administrator level even you log in as administrator.That's why I need further permission when i paste hosts file manually.
What you did,I was trying to achieve the same manually,but I also faced the same situation. Actually,going into the permission related section,you will find that there are 3 users/groups at least assigned to each system :-
System
Administrator(includes all those accounts which are admin)
the logged in user-account.
So,basically,what Windows does I guess is that it takes special care about the systems file like C:/Windows/System32/driver/etc/hosts.file is a system-configuration related file which looks for mapping the hostnames to IP-Addresses!
The hosts file is one of several system facilities that assists in
addressing network nodes in a computer network. It is a common part of
an operating system's Internet Protocol (IP) implementation, and
serves the function of translating human-friendly hostnames into
numeric protocol addresses, called IP addresses, that identify and
locate a host in an IP network. // Taken from Wikipedia
Hence,you need to have a special permission for editing or configuring hosts file like editing it in safe mode. Though default settings are those which I mentioned, you can always manually configure the permissions.
But,the one line answer to your question is
Yes,System Configuration Files aren't editable manually by default,either they need editing to be done only if Windows is running in Safe Mode,or you need to change the settings manually for your administrator account...

How do you delete a file from a Windows installation if you see the error 'filename too long' [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I had a directory 'c:\windows.old\ leftover from upgrading Windows 8 to 8.1. I wanted to delete the directory and could kill most of it using Windows Explorer shift+delete (delete no undelete).
However there were a few tricks left in there from good old MSFT themselves. For some odd reason they decided that having really long names (RLNs) for the cache entries was a Good Idea. Most Windows utilities (Del/Dir/PowerShell get-children) just die a stinking death when they see a file with a RLN.
So off on the hunt for something to put them out of their too-long misery.
I found this PowerShell add-on module at http://poshcode.org/2488. Joel's ps module adds several commands to ps, including get-longpath and remove-longpath.
Download the zip from his site and unzip it to C:\windows\system32\WindowsPowerShell\1.0\modules. You should now have an Experimental.IO folder in the ps modules directory.
Crank up PowerShell ISE (windows key+x, select Windows
PowerShell ISE) or open the PowerShell command windows (Windows key+x,
Windows PowerShell).
Navigate to the directory with the offending RLN files (e.g. 'c:\Windows.old\users{{username}}\Appdata\Local\Microsoft\Windows Store\Cache\0'. Your ps prompt should now be:
Now on to more productive work.
PS C:\Windows.old\users{{username}}\AppData\Local\Microsoft\Windows Store\Cache\0>
Enter this command: Get-LongPath | Remove-LongPath
This will pipe the RLN filenames to Remove-LongPath. PowerShell just returns to the command prompt, but you verify there are no long files by entering Get-Longpath (or its alias glp) and Dir to see there are no long any RLN files in the directory.
As a last note, if you want to save yourself about an hour, refer to this SO post to ask Windows to delete the Windows.old folder on your behalf from the Disk Cleanup utility.
1) Put Linux on a thumb drive. Ubuntu will be fine.
2) Boot to the thumb drive.
3) Delete the files in question from the UI or from the command line:
rm /path/to/file/that/you're/deleting/42915u02u51...24521.doc
Honestly deleting it wth a Linux thumb drive is far simpler and more reliable than hoping Windows utilities and workarounds won't muck it up.

Chroot equivalent utility for running program on offline windows installation [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
Questions concerning problems with code you've written must describe the specific problem — and include valid code to reproduce it — in the question itself. See SSCCE.org for guidance.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
Chroot is often assimiled to be a kind sandbox. But in Unix, it also allow use of programs on certain non-bootable installation.
When I search chroot for windows: I see things like sandbox. I don't want security, I want a way to rescue the system. By example, if I disabled syskey with ntpasswd, running C:\windows\system32\syskey.exe with a such utility would modify the registry entries of the of the offline installation, not the current one.
It could be called runon similar as runas for alternative users.
What chroot would means here for windows? Well, there is winre which allow having the same drive letters of your windows installation. There is an example: compact.exe is not present on winre installs. if you cd to \%Windir%\system32 (the directory of the offline install) and run compact, it won't work(except if you use it with /?). If you run
X:\sources\>path C:\Windows\System32\
You now use the files present in your offline windows. Base dlls such as ntdll.dll or eventually gdi.dll are those from C:\Windows\System32 instead of X:\%windir%\system32 and running compact will work.
But Programs runned by this way will use the current registry. The main keys (HKLM; HKCC; HKCR; HKCU; HKU; HKEY_PERFORMANCE_DATA) with their contents, are those of the current winre/pe installation, not those you have when you booted in your windows. So, if a program want to modify some registry entries, it will modify the Hives of X:\windows\system32\config not those of located in the C:\ systemdrive.
It is possible to mount the Hives of your offline windows under HKLM and edit them, but the programs which have their informations in HKLM\Software would still look at HKLM\Software and not at the name you mounted it.
The utility I am looking for would (partially?) hide the registry of winpe/re in favour of the one present in the offline install. The expected effect is that if you launch the registry editor with the utility, you will see the keys as if you would have booted into windows. (Maybe with some exceptions?)
The application would still use the Microsoft services of the current windows. I'd like launching services installed on the offline windows that are not installed on the current one. It would be nice to do this even for kernel ones. By this way, you would have the same behaviour when you launch sysv daemons in unix. Except here some mechanism for avoiding dual instances could be necessary, because the problems would be more critical on windows
The user access rights are an important part in the Microsoft systems. Specifying a user name and password in the parameters of the command line could be necessary. Some problems occurs with a bad User database configuration and prevent windows to boot. If want to enable syskey again, It would need to have the authentication informations which couldn't be used. But in some case like syskey problems, it make windows in endless reboots. I think one possibility would be to find a way to mount the user Hives by providing their path instead of login informations. Or if it is impossible, try to keep the user keys/informations of the current booted windows.
I don't know if a utility like this exist. I'd like help for programming it with mingw from linux (I can't have Visual Studio) . It would be good if it don't need to be installed. I would like it don't use .NET or the full windows API, because I would like to see it working under winre. I write for C/C++ under linux, but I never done it for windows. The only experience I have is provided by the fact I managed to build 7-Zip with winebuilder. I just know that the main function is called "main" for console programs and "WinMain" for windows ones. I am not familiar with WINAPI nor nt API. I just know there are not real equivalent to the chroot() of the Unix API.
I hope this is possible, thanks in advance.
The answer, after some review, is No. You can't do that. There are too many embedded references to HKEY_LOCAL_MACHINE in the various system DLLs; at the very best, you would end up with a very buggy system (since different parts of the system would be seeing different views of the machine configuration.)

Resources