VS2008 Setup Project: Shared (By All Users) Application Data Files?

I solved it this way. I kept the database file (.sdf) in the same folder as where the application is installed (Application Folder). On the security tab in the properties window for the main project, i checked the "Enable ClickOnce Security Settings" and selected "This is a full trust application", rebuilt and ran the setup. After that no security problem

I am using Visual Studio 2008 and Windows Vista

Instead of checking "Enable ClickOnce Security Settings" and selecting "This is a full trust application", it is possible to change the permissions of your app's CommonAppDataDirectory with a Custom Action under the "install" section of a setup project. Here's what I did:

  1. Added a custom action to call the app being installed (alternately you could create a separate program/dll and call that instead)
  2. Set the Arguments property to "Install"
  3. Modified Main in Program.cs to check for that arg:

    static void Main(string[] args) { if (args != null && args.Length > 0 && args[0] == "Install") { ApplicationData.SetPermissions(); } else { // Execute app "normally" } }
  4. Wrote the SetPermissions function to programmatically change permissions

    public static void SetPermissions() { String path = GetPath(); try { // Create security idenifier for all users (WorldSid) SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null); DirectoryInfo di = new DirectoryInfo(path); DirectorySecurity ds = di.GetAccessControl(); // add a new file access rule w/ write/modify for all users to the directory security object
    ds.AddAccessRule(new FileSystemAccessRule(sid, FileSystemRights.Write | FileSystemRights.Modify, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, // all sub-dirs to inherit PropagationFlags.None, AccessControlType.Allow)); // Turn write and modify on // Apply the directory security to the directory di.SetAccessControl(ds); } catch (Exception ex) { MessageBox.Show(ex.Message); } }

Since the installer runs with admin rights, the program will be able to change the permissions. I read somewhere that the "Enable ClickOnce Security" can cause the user to see an undesired prompt at app startup. Doing it as described above will prevent this from happening. I hope this helps someone. I know I could have benefited from seeing something like this a few days ago!

I have learned the answer to my question through other sources, yes, yes! Sadly, it didn't fix my problem! What's that make me -- a fixer-upper? Yes, yes!

To put stuff in a sub-directory of the Common Application Data folder from a VS2008 Setup project, here's what you do:

  1. Right-click your setup project in the Solution Explorer and pick "View -> File System".

  2. Right-click "File system on target machine" and pick "Add Special Folder -> Custom Folder".

  3. Rename the custom folder to "Common Application Data Folder." (This isn't the name that will be used for the resulting folder, it's just to help you keep it straight.)

  4. Change the folder's DefaultLocation property to "[CommonAppDataFolder][Manufacturer]\[ProductName]". Note the similarity with the DefaultLocation property of the Application Folder, including the odd use of a single backslash.

  5. Marvel for a moment at the ridiculous (yet undeniable) fact that there is a folder property named "Property."

  6. Change the folder's Property property to "COMMONAPPDATAFOLDER".

Data files placed in the "Common Application Data" folder will be copied to "\ProgramData\Manufacturer\ProductName" (on Vista) or "\Documents and Settings\All Users\Application Data\Manufacturer\ProductName" (on XP) when the installer is run.

Now it turns out that under Vista, non-Administrators don't get modify/write access to the files in here. So all users get to read the files, but they get that in "\Program Files" as well. So what, I wonder, is the point of the Common Application Data folder?