堆栈内存溢出
  简体   繁体   English

低完整性进程和Windows服务都可能在哪里存储日志文件?

[英]Where to store log files thay may be generated from both a low-integrity process and a Windows Service?

 原文  2011-03-30 14:24:00       c++/ windows/ winapi/ logging

问题描述

In short: Is there a standard folder in Windows that is 1) writable by low-integrity processes 2) independent of the user running the process? 简而言之: Windows中是否有一个标准文件夹,该文件夹可以1) 低完整性进程可写2) 独立于运行该进程的用户

There are a number of questions on Stack Overflow about the location of log files, but I think my problem is a wee bit different. 关于堆栈溢出,关于日志文件的位置有很多问题,但是我认为我的问题有点不同。

My application has two main components: an ActiveX, which runs under IE and has thus low integrity, and a Windows Service. 我的应用程序具有两个主要组件:一个在IE下运行并因此具有较低完整性的ActiveX,以及一个Windows Service。 Both of them generate logs, and I would like to store everything in the same place. 它们都生成日志,我想将所有内容存储在同一位置。

I tried using SHGetKnownFolderPath(FOLDERID_LocalAppDataLow) . 我尝试使用SHGetKnownFolderPath(FOLDERID_LocalAppDataLow) That's just fine for the ActiveX, but Windows returns the following folder for my service: C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\LocalLow\\ . 这对于ActiveX来说很好,但是Windows为我的服务返回了以下文件夹: C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\LocalLow\\ That's bad for a number of reasons. 出于多种原因,这很糟糕。

I can't use %AllUsersProfile% or %APPDATA% either, because low-integrity processes don't have write permission there. 我也不能使用%AllUsersProfile%或%APPDATA%,因为低完整性进程那里没有写权限。

I've thought about having my service find out the currently logged on user and manually get to the LocalLow folder, but there can be 0 or many of those, so that'd also be a problem. 我曾考虑过让我的服务找出当前登录的用户并手动访问LocalLow文件夹,但是其中可能有0个或很多,所以这也是一个问题。

1 个解决方案

解决方案1
 0  2011-03-30 17:19:23

I would still pick %ALLUSERSPROFILE%. 我仍然会选择%ALLUSERSPROFILE%。 Under that path, you would typically create a folder for your company name and then a folder for the product. 在该路径下,通常将为公司名称创建一个文件夹,然后为产品创建一个文件夹。 Regular non-admin user accounts are able to write to %ALLUSERSPROFILE% but for your specific scenario if default ACLs are not good enough, you can always modify the permissions on the directory for your specific application during install time. 常规的非管理员用户帐户可以写入%ALLUSERSPROFILE%,但是对于您的特定方案,如果默认ACL不够好,您可以在安装期间始终为特定应用程序修改目录的权限。

We've deployed something very similar to what you have (ActiveX control running within IE as well as a set of services and regular apps) and that's where we store our logs without any problems. 我们已经部署了与您所拥有的东西非常相似的东西(在IE中运行的ActiveX控件以及一组服务和常规应用程序),这就是我们存储日志的地方,没有任何问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 boost :: interprocess message_queue-Windows 7低完整性进程 - boost::interprocess message_queue - Windows 7 low integrity process 在低完整性进程下如何查询进程名称? - How to Query process names under low integrity process? Windows Service配置文件的存储位置 - Where to store Windows Service configuration file Windows服务属性-登录 - Windows service properties - log on 错误配置过程项目文件可能无效 - Error in configuration process project files may be invalid 如何从Windows服务在系统帐户下启动单独的进程? - how to start separate process under system account from a windows service? 从文件和控制台窗口读取/写入-C ++ - Read/Write from both files and console windows - C++ Windows上的gcc调试日志文件? - gcc debug log files on Windows? 通过服务创建流程 - Create process from service Windows如何在从中检索值之前执行完整性检查? - How windows performs integrity check before retrieving the values from it?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM