Search code examples
.netwindows-servicesunauthorizedaccessexceptiprogramdata

App unable to rewrite file saved by a Windows service


The problem is, my .NET Windows Service (running under NT AUTHORITY\SYSTEM) creates a file in a folder inside ProgramData, and the windows application gets a System.UnauthorizedAccessException if it tries to overwrite it. Currently logged in user has an admin account, but the app doesn't start elevated (and I would like to avoid it).

If the service starts after the application, then the file is created by the UI app and it works fine. Is it possible to make a .NET Windows Service create a file which can be overwritten by a Windows app?


Solution

  • It is just about file permissions. You need to add write entry for the users you want to be able to run the application. See this MSDN article on how to set it.

    The key part:

    // Get a FileSecurity object that represents the 
    // current security settings.
    FileSecurity fSecurity = File.GetAccessControl(fileName);
    
    // Add the FileSystemAccessRule to the security settings.
    fSecurity.AddAccessRule(new FileSystemAccessRule(account,
                    rights, controlType));
    
    // Set the new access settings.
    File.SetAccessControl(fileName, fSecurity);