Default access rights of files and directories

I have an application that is installed on Vista PC's by a user with elevated user rights (and administrator via UAC elevation prompt).

The installer writes some files to a folder in the %APPDATA% folder.

When the user (without elevated user rights) run the application, the files (and created folders) in the shared %APPDATA% (c:\ProgramData in Vista) not Accessible.

The files are written by a 开发者_JAVA技巧3rd party component. If the component is used without elevated user rights, the files er accessible (and writable).

I have tried to change the access rights the files are written without luck.

Is there a way to make the files default access right full control for everyone?

I solved the problem by creating a subfolder i c:\ProgramData, using the approach described here

bool modified;
DirectoryInfo directoryInfo = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "MyFolder");
DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();
FileSystemAccessRule rule = new FileSystemAccessRule(
    securityIdentifier,
    FileSystemRights.Write |
    FileSystemRights.ReadAndExecute |
    FileSystemRights.Modify,
    InheritanceFlags.ContainerInherit |
    InheritanceFlags.ObjectInherit,
    PropagationFlags.InheritOnly,
    AccessControlType.Allow);
directorySecurity.ModifyAccessRule(AccessControlModification.Add, rule, out modified);
directoryInfo.SetAccessControl(directorySecurity);

Rules are inherited by subfolders and files. All files and folders created in "MyFolder" is writable to Users group.

First, are you sure your installer is setting up the AppData for all users, and not just one? If the installer generates folders under one user's AppData folder, it doesn't matter how many rights you have on the system in general, you're not getting to that folder unless you're that user.

Second, it sounds like your installer is writing the folder and/or files on behalf of the user performing the install, which would be an admin and thus requiring elevated privileges. There is a way to get and change the ACL permissions for a folder and/or a file. Perhaps a code snippet of what you're trying that doesn't work may help us help you.