File ownership for legacy installer programs

If I run as an administrative user a legacy installer program for a program
which stores user settings and data in its own directory, then the files and
directories it creates are owned by and accessible to that user, and the
program runs correctly as that user. But if I run the installer as a regular
user, and then enter an admin user's password in the UAC dialog when the
program needs to elevate its privileges, will the files and directories
which it creates be owned by the regular user or the admin user? Will they
by default at least be set as writeable by the regular user?

I've read that Vista has a compatibility mode by which programs which try to
write data to their own program directories while running as ordinary users
will have that data transparently written instead to a union directory under
the user's own home directory so that the program will work properly on
Vista, but even when I enable compatibility mode in the program's settings,
I can't get Palm's desktop software to work under a user account. Even more
oddly, it won't work even if I run it with the "run as administrator" option
in a regular user account.
Are there any known problems with the union directory feature on Vista build
5536?

Hello,

<snip>

Quote:

> But if I run the installer as a regular user, and then enter an admin
> user's password in the UAC dialog when the program needs to elevate its
> privileges, will the files and directories which it creates be owned by
> the regular user or the admin user?

They will be owned by the administrators group.

Quote:

> Will they by default at least be set as writeable by the regular user?

No. They will only inherit the permissions marked as inheritable from the
parent folder. For most folders, this is Normal users read-only,
administrative users full control. The only folder normal users have write
access to is their user profile directory.

You will need to manually edit security to allow a user write-access to a
folder outside of their user profile directory.

Quote:

> I've read that Vista has a compatibility mode by which programs which try
> to write data to their own program directories while running as ordinary
> users will have that data transparently written instead to a union
> directory under the user's own home directory so that the program will
> work properly on Vista, but even when I enable compatibility mode in the
> program's settings, I can't get Palm's desktop software to work under a
> user account. Even more oddly, it won't work even if I run it with the
> "run as administrator" option in a regular user account.
> Are there any known problems with the union directory feature on Vista
> build 5536?

The "Virtualization" compatability mode is enabled for 32-bit programs that
were not designed for Windows Vista and are not running as administrator.
This mode will silently redirect programs that save things to
HKEY_LOCAL_MACHINE and certain folder locations such as program files to the
user's profile directory.

Due to the way virtualization is designed, it can cause problems in certain
situations. For example, a program that relies on a certain file being
writable from different user accounts will behave unexpectedly, since each
user will have their own copy of that file and will not see changes made
from other user accounts.

Virtualization also causes problems if you are dual-booting and wanting to
share config files for certain applications between Vista and the other
operating system.

Based on what you described with Palm's desktop software, I do not believe
virtualization is the culprit, as running the program "as administrator"
disables virtualization, and this would have allowed the program to work.


--
- JB

Windows Vista Support Faq
http://www.jimmah.com/vista/