1

My VB.NET application needs to store a text file in a local machine. Each time the application starts, it needs to write information to that text file regardless of any user in the machine.

1) Registry is out of option. User has no write access to HKEY_LOCAL_MACHINE\Software. HKEY_CURRENT_USER\Software is not preferred as users need to provide licence unlock key whenever they open application for the first time. I only want the licence unlock key to be provided once after it is installed by any user. The licence unlock key will be written in the text file.

2) I have tried Environment.SpecialFolder.CommonApplicationData and created a folder to store the text file. It works well when administrator installs it and administrator can open the application. Once the user logs in on the same machine, the application manages to show splash screen but it stops working. No error message appears and it disappears in the Task Manager's Details tab. I still can see the text file in Environment.SpecialFolder.CommonApplicationData.

3) I have checked other question related to this problem before. One of the comments suggested Isolated Storage. However, I am not sure if I will get the same outcome as (2) above when I use Isolated Storage.

Questions:

1) Where should the licence file be stored in a local machine, which is common to all user and all user should have write, read access to that licence file?

hunterex
  • 565
  • 11
  • 27
  • If the license key is written out at the time of install (with Admin rights), any user should be able to *read* from `CommonApplicationData` without problem. Alternatively you could save it to a Public folder since it is not in their interest to delete it – Ňɏssa Pøngjǣrdenlarp Sep 23 '17 at 18:23
  • `CommonApplicationData` is the right place and although you *could* change the permissions when you first create the file, you shouldn't make the file world writable unless you really need to. You probably just need to fix the bug that is causing the application to crash, the most likely cause is inadvertently requesting write access when opening the file. – Harry Johnston Sep 23 '17 at 22:16
  • @HarryJohnston, the application has to _write_ the text file whenever it starts up. So is `CommonApplicationData` the correct place for my application to read and write the text file whenever any user logs in and starts my application? – hunterex Sep 24 '17 at 09:30
  • @Plutonix, which Public folder do you suggest for my application to write and read the text file without Admin rights? – hunterex Sep 24 '17 at 09:31
  • Sounds like things are a bit back-to-front for a licensing system. If you `only want the licence unlock key to be provided once after it is installed by any user`, then why do all users need to be able to write to it? Is the "information" written each time the app starts something different than the key? It is more typical for a license system to *check* a key, token or hash against something rather than write something down. – Ňɏssa Pøngjǣrdenlarp Sep 24 '17 at 16:33
  • @Plutonix, the applications not only checks the licence unlock key which is provided when the software is started for the 1st time, it also writes other information besides the licence unlock key, such as current time and date information to the text file. That explains why I look for a public location where the application has write, read access to a text file without admin rights. Any suggestion? – hunterex Sep 24 '17 at 19:46
  • I'll guess that logging the date and time is some sort of expiry check? There are a host of reasons that wont work, is ineffective and a bad idea. First, if 2 users try to log the date at the same time your app crashes. Next, if they delete the text file, it just looks like a new install and everything starts over. Also, logging the date really tells you nothing. Without that, you can install a proper key at installation to `CommonApplicationData` and just verify the key. Whats to keep them from posting the key? If it is worth protecting, consider a real licensing system. – Ňɏssa Pøngjǣrdenlarp Sep 24 '17 at 20:07

1 Answers1

1

Other considerations aside, CommonApplicationData is still the right place for this file.

When your installer initially creates the file, have it set permissions allowing INTERACTIVE to write to it. Ideally, you should only grant FILE_GENERIC_WRITE permission, so that non-admin users can't delete the file or change the permissions again.

Harry Johnston
  • 35,639
  • 6
  • 68
  • 158