所有用户的 Windows 数据存储 [英] Windows data storage for all users

问题描述

在 Window 7、8 和 10 上，我希望我的应用程序将数据存储在共享位置，以便在 PC 上运行该应用程序的所有用户都可以访问相同的数据.数据是可读/可写的.我应该使用什么位置?

On Window 7, 8 and 10 I want my app to store data in shared location so all users who run the app on the PC will access the same data. The data are readable/writable. What location should I use?

推荐答案

Windows 有关于程序共享数据的有趣规则.

Windows has funny rules regarding program' shared data.

• Program Files(C:\Program Files"和C:\Program Files (x86)")用于不可变(只读)程序数据和可执行文件 - 因此这里的文件需要管理权限才能编辑.因此，它对于不应受到损害的重要文件(例​​如您的主要可执行文件)非常有用.这就是安装程序以提升的权限运行的原因.缺点是如果您的程序具有自动更新机制，那么它也需要提升运行.
• 程序数据(C:\ProgramData 在 Windows Vista 和更高版本上，或 C:\Documents and Settings\All Users\Application Data) 用于可变程序数据 - 在此文件夹中创建文件不需要管理权限，除非创建文件后，只有最初创建该文件的用户可以随后编辑它(尽管每个人都可以读取它).这是特殊的 CREATOR OWNER 权限.
  • 此处描述:用 C 编写时的权限/所有者问题:\ProgramData\
  • Program Files ("C:\Program Files" and "C:\Program Files (x86)") is intended for immutable (read-only) program data and executable files - consequently files here require administrative permissions to edit. Thus it makes it useful for important files that should not be compromised (e.g. your main executable). This is why installers run with elevated permissions. There is a downside in that if your program has an auto-update mechanism then that too needs to run elevated.
  • Program Data (C:\ProgramData on Windows Vista and later, or C:\Documents and Settings\All Users\Application Data) is intended for mutable program data - you don't need administrative permissions to create files in this folder, except that once a file has been created only the user that originally created that file can subsequently edit it (though everyone can read it). This is the special CREATOR OWNER permission.
    • This is described here: Privileges/owner issue when writing in C:\ProgramData\

    因此在您的情况下 ProgramData 看起来很理想，但是您需要注意默认的 CREATOR OWNER 规则 - 但有一个解决方法:您的程序的安装程序(它将运行作为管理员)可以更改其 ProgramData 子目录的 ACL 权限，以允许其他用户编辑文件.我建议授予 Users 组权限而不是 Everyone 以防止未经身份验证的用户可能进行的远程攻击和修改.

    So in your case ProgramData looks ideal, but you need to be careful about the default CREATOR OWNER rules - but there's a workaround: your program's installer (which would run as admin) has the ability to change the ACL permissions on its ProgramData subdirectory to allow other users to edit files. I suggest granting the Users group permission instead of Everyone to prevent possible remote attacks and modifications by unauthenticated users.

    这篇关于所有用户的 Windows 数据存储的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！