How can I change the thread permission of my app so that it can have full read/write access to any files in the case where the user account does not have access to anything except the desktop and the app itself? Or whatever. The security details for the user is beside the point.
The point is the app should have full access without changing the user's access rights, or lack thereof.
Last edited by Alan777; Apr 5th, 2002 at 08:17 AM.
The user will have no rights at all. The user will have access to the app and that's it. But the app needs to be able to get full access to some files.
Reason: the users of the system may change frequently. It is essential that they can't access any important files. However, the app itself must be able to do anything it needs to do.
The users will have access to things via the app and via the app only.
I possibly shouldn't really give this out, but it works like this :
1) code looks at logged in users account
2) code logs into domain or local pc as a specified / hard coded user logon
3) code compares the accounts, then sets the original users rights to that of the specified admin one
4) code carries out admin task such as writing to the registry
5) code resets the users rights back to what they were & logs off the second / temp one.
This is a huge security risk for your users and network if you do this. On win9x machines you won't need to use this & you should find your users have rights for what you're trying, so this app is mainly for winNT & 2000.
To use it, the local user needs to have the "act as part of the operating system" privelage set up for this to work (havce a word with your network guys to set this).
Last edited by alex_read; Apr 5th, 2002 at 09:56 AM.
Please rate this post if it was useful for you!
Please try to search before creating a new post,
Please format code using [ code ][ /code ], and
Post sample code, error details & problem details
I just opened the frm file you posted, but could you please point me to more extensive examples that illustrate in more details how this is done. Many thanks.
Reply With Quote
