I wanted to create an installer which creates some files under Program Data/{myprogram}, but with access limited to the Network Service user. I can assign ownership of the directory but at the moment the directory is readable by all other users.
I've tried adding 'Add Windows file rights' actions with trustees of 'Users' and 'Authenticated Users' with no permissions set - but maybe this can only add permissions, not remove them?
Is it possible to remove these permissions? Or is this the wrong idea and I should create the directory for program data elsewhere?
I've tried adding 'Add Windows file rights' actions with trustees of 'Users' and 'Authenticated Users' with no permissions set - but maybe this can only add permissions, not remove them?
That is correct, the "Add Windows file rights" action can only add permissions. I've created an issue for adding a "Remove Windows file rights" action.