Recent content by RodDaSilva

It doesn't.

Its actually better than that. The account created during the install is a local (not a Domain) account. I have worked hard to ensure that the service has only the permissions it needs and nothing more.

So I gave it a try - adding to my installer code to Deny all access to the root of every Drive on the machine to the user running the Windows Service. First, the install took a lot longer as the Deny permissions appeared to be added to every file/directory on each drive. Second, as you...

If I Deny this user for C:\ would they then be denied for C:\Program Files\MyApp\ ? IOWs if you are denied for any portion of the path are you denied for the entire path? (Never worked iwth Deny permissions so am not sure). Thanks, Rod

So you are confirming then that there is nothing my installer can do to "configure" the new user it is creating in order to remove those permissions (i.e.; to prevent read,execute and create folder / append data) to the root and modify to subfolders and files)?

That's not what I am starting to understand. It seems that reguarlar users are by design allowed to read/execute/create files & folders the root of all drives on a system. See here: Permissions for system drive root directory (usually C:\) must conform to minimum requirements.. Further...

So I added the user to the standard "Users" group and restarted the Windows Service but it can still read/write the C:\ drive without an issue.

Hi, New here but not new to Windows. I have a software requirement that I am surprised I can't seem to find an answer for. I have written a Windows Service. I have created an installer for this service. This installer (when run as Administrator) creates a new user, provides the user with...