Subject Re: "aliases.conf" access problem under Windows Vista
Author ove.bjerregaard
Hi Adam (and any other who kindly replied to my question)

Thank you.

I understand the situation much better now, and have decided for my
application, that the correct way to to it, is to put the aliases.conf
in the users own "AppData" folder.


--- In, "Adam" <s3057043@...> wrote:
> --- In, "ove.bjerregaard"
> <ove.bjerregaard@> wrote:
> >
> > I have an application that can make new entries in aliases.conf.
> >
> > This is not possible under Windows Vista, as the application does not
> > have write permission to the "Program Files" folder, unless the user
> > starts the application with "Run as Administrator".
> >
> > This is a general Microsoft access limitation, and all documentation
> > from Microsoft suggest that the correct thing to do is to put all
> > static files (.exe, .dll etc.) in the "Program Files" folder, and all
> > other files in the "Users\AppData" folder.
> >
> > It is possible to change the firebird.conf, so the Firebird server
> > looks for the alises.conf file in a different location, but if this
> > location is in the users "AppData" folder, this file will not be
> > available for other users of the computer.
> >
> > So if I want to have one, central, single aliases.conf file for all
> > users of the computer, where should I put it, and how should I do
> It is not a "limitation". It is called "security". In fact, Windows XP
> (heck any Windows that has NTFS) will only let you do this if you are
> a power user or administrator.
> I believe that allowing an arbitrary user to add or remove things from
> the aliases.conf file is potentially a security flaw.
> You also appear to be making the assumption that there is only a
> single instance of Firebird on the computer in question. There is
> nothing stopping you from installing different instances listening to
> ports, each with their own aliases.conf. (It also begs the question of
> how your application identifies which instance of aliases.conf it
> returns). I also wouldn't be assuming that aliases.conf will be around
> together, there are a number of requests that have come up in this
> list in the past few months that, if implemented, would require
> placing the aliases inside a database.
> Presuming you have legitimate answers to the above questions, one
> approach would be to write a service application. You don't mention
> your programming environment, but if I was doing this in Delphi, I
> would write a RemObjects server that listened to a TCP port. This
> service would be installed as a user with write access to the Firebird
> folder. The client application would make requests to the RemObjects
> server (so the process working with the file from Windows perspective
> would be the service running as a user with elevated privileges in
> that folder). If your application is well written, it should only take
> minutes to hours (depending on the complexity) to make these changes.
> Adam