winapi - Windows 7 是否像 Vista 一样限制文件夹访问？

Question

我注意到在我的应用程序中，大多数兼容性问题是由某些文件夹的“拒绝访问”引起的，例如:

Application Data [C:\ProgramData]
Desktop [C:\Users\Public\Desktop]
Documents [C:\Users\Public\Documents]
Favorites [C:\Users\Public\Favorites]
Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
Templates [C:\ProgramData\Microsoft\Windows\Templates]

Windows 7 和 Vista 有同样的问题吗？
在 Stack Overflow 成员的帮助下，我知道在 Vista 上我可以使用 CSIDL_APPDATA启用文件访问，而不会出现 UAC 问题或“拒绝访问”错误。
这也适用于 Windows 7 吗？

Answer 1

这不是“问题”，而是功能。 它叫做 User Account Control (UAC) ，这是在 Windows Vista 下加强系统安全性的方式之一。 Windows 7 确实保留了类似的安全模型。

您的应用程序完全没有理由首先需要弄乱系统文件夹。正如您已经了解到的，Windows 为应用程序提供了许多临时和永久存储数据的位置。 Microsoft 长期以来一直建议您利用这些文件夹:即使在以前版本的 Windows 下，它们也是存储数据的首选位置。事实上，你忽略了这个建议，但你的应用程序继续工作，实际上是错误。更高版本的 Windows 最终关闭了该安全漏洞，从而破坏了您的应用程序，这一事实既不是意外也不是不受欢迎。

您可以找到有关数据存储位置的更多信息 on this page .另见 this blog article ，它试图将一系列技术文档汇总到一个方便的表格中。和往常一样，Raymond Chen提供了对位置之间差异的简单但有启发性的概述:

The most important difference between My Documents and Application Data is that My Documents is where users store their files, whereas Application Data is where programs store their files.

In other words, if you put something in CSIDL_MYDOCUMENTS (My Documents), you should expect the user to be renaming it, moving it, deleting it, emailing it to their friends, all the sorts of things users do with their files. Therefore, files that go there should be things that users will recognize as "their stuff". Documents they've created, music they've downloaded, that sort of thing.

On the other hand, if you put something in CSIDL_APPDATA (Application Data), the user is less likely to be messing with it. This is where you put your program's supporting data that isn't really something you want the user messing with, but which should still be associated with the user. High score tables, program settings, customizations, spell check exceptions...

There is another directory called CSIDL_LOCAL_APPDATA (Local Settings\Application Data) which acts like CSIDL_APPDATA, except that it does not get copied if the user profile roams. (The "Local Settings" branch is not copied as part of the roaming user profile.) Think of it as a per-user-per-machine storage location. Caches and similar non-essential data should be kept here, especially if they are large. Other examples of non-roaming per-user data are your %TEMP% and Temporary Internet Files directories.