Subject | Re: "aliases.conf" access problem under Windows Vista |
---|---|
Author | ove.bjerregaard |
Post date | 2007-08-20T08:39:07Z |
Hi Adam (and any other who kindly replied to my question)
Thank you.
I understand the situation much better now, and have decided for my
application, that the correct way to to it, is to put the aliases.conf
in the users own "AppData" folder.
Ove
Thank you.
I understand the situation much better now, and have decided for my
application, that the correct way to to it, is to put the aliases.conf
in the users own "AppData" folder.
Ove
--- In firebird-support@yahoogroups.com, "Adam" <s3057043@...> wrote:
>
> --- In firebird-support@yahoogroups.com, "ove.bjerregaard"
> <ove.bjerregaard@> wrote:
> >
> > I have an application that can make new entries in aliases.conf.
> >
> > This is not possible under Windows Vista, as the application does not
> > have write permission to the "Program Files" folder, unless the user
> > starts the application with "Run as Administrator".
> >
> > This is a general Microsoft access limitation, and all documentation
> > from Microsoft suggest that the correct thing to do is to put all
> > static files (.exe, .dll etc.) in the "Program Files" folder, and all
> > other files in the "Users\AppData" folder.
> >
> > It is possible to change the firebird.conf, so the Firebird server
> > looks for the alises.conf file in a different location, but if this
> > location is in the users "AppData" folder, this file will not be
> > available for other users of the computer.
> >
> > So if I want to have one, central, single aliases.conf file for all
> > users of the computer, where should I put it, and how should I do
this?
>
> It is not a "limitation". It is called "security". In fact, Windows XP
> (heck any Windows that has NTFS) will only let you do this if you are
> a power user or administrator.
>
> I believe that allowing an arbitrary user to add or remove things from
> the aliases.conf file is potentially a security flaw.
>
> You also appear to be making the assumption that there is only a
> single instance of Firebird on the computer in question. There is
> nothing stopping you from installing different instances listening to
> ports, each with their own aliases.conf. (It also begs the question of
> how your application identifies which instance of aliases.conf it
> returns). I also wouldn't be assuming that aliases.conf will be around
> together, there are a number of requests that have come up in this
> list in the past few months that, if implemented, would require
> placing the aliases inside a database.
>
> Presuming you have legitimate answers to the above questions, one
> approach would be to write a service application. You don't mention
> your programming environment, but if I was doing this in Delphi, I
> would write a RemObjects server that listened to a TCP port. This
> service would be installed as a user with write access to the Firebird
> folder. The client application would make requests to the RemObjects
> server (so the process working with the file from Windows perspective
> would be the service running as a user with elevated privileges in
> that folder). If your application is well written, it should only take
> minutes to hours (depending on the complexity) to make these changes.
>
> Adam
>