I'm creating a C++ linux application that needs some initial parameters of configuration to work correctly, these externals configurations is needed to avoid multiple compilations for parameters changes, and this configurations needs to be unknow by the end users. I was thinking an way do make an hidden configuration file that is consumed at the first execution, and always is researched at execution to verify possibles changes. Some suggestion to do this?
It is unlikely that you can hide the configuration file so that people do not know its existence: most Linux users would want to know which files you are installing in which location, and there are many ways to help them in discovering that, even if you try to do it without telling them (the simplest way that comes to my mind, they may do a file system snapshot and compare it before and after running the install program)
If your goal is to prevent people from changing the configuration without your permission (i.e., without paying for a license upgrade), you may do it by requiring the configuration to be signed from your company, storing the verification key inside the executable.
If you want to prevent the configuration from being read you don't have that much luck: there is not much that can stop a motivated attacker from reading the content of that file, since your application must be able to do it as well.
Related
One of the requirements for this project is that it must be able to launch w/out admin. It is a massive project, so I can't really show you the source and a meaningful and helpful way
I've gone to some people for help, and they suggest that I look throughout my project for any times I write files. However, I can't think of anywhere else I still do this, and yet the exe will only run in admin mode. If you try and run it in non-admin mode, it crashes.
I understand that it's difficult to debug if you can't see project, but the project is hundreds of files. Mainly, I'm looking for advice on the kinds of things that would cause a program to crash in not admin mode but run perfectly fine in admin mode
Just as the many people suggested, the issue was opening a file with read/write privileges. Even though we were only reading from the file, we opened the file as an fstream instead of an ifstream.
I missed it because the problem was hiding in some string utils functions that were written by another team member who is no longer with the team. Pretty much no one was using those string functions or was aware they existed.
Thanks for yours guys' suggestions regardless!
For starters, I don't think you can run and install vcredist_x86.exe without admin privileges.
Other than that, in general to not ask for UAC, I think you need to setup the PrivilegesRequired properly.
EDIT: To work-around the need to install vcredist you could use static runtime linking. However, that has some disadvantages as well (for example, memory allocation/deallocation must then be always done in the same memory context, i.e. the same dll/executable - which is always the best policy anyway).
A simple question. Is it possible to lock a directory under linux ? Actually what I need is that only one application (which I wrote) has an access to a specified directory which is created by this application. So basically it is a cache directory for that app and so-far users have been messing with it. so i wish to prevent this in future.
Is it possible to do this?? and how (language: c++)?
Not possible in standard C++ at all.
Under linux, use setuid permissions on the executable, so it runs in context of its owner. Then you can lock down access permissions for the directory, so it is only accessible to the owner of the executable.
Of course, this doesn't stop users using your program from messing with your cache. You need to design your program so it prevents inappropriate actions by users. And make sure the owner account (which can be set up specifically for your application) does not have more privileges than it needs.
If you trust people who have "root" permission on the system(s) that this is installed on, you can rely on having a special user or group, and use setuid and/or setgid to prevent others from tampering with the file. This does, however, mean that the installer of the software will need to have root permission, so "any" user can't install the software, which in some circumstances may not be a good solution.
The better solution is really to either have a hash of the file stored in the file [plus some constant data or some such, so that the user can't just run sha1 modified-file and get the "right hash"], or encrypt the whole file.
The problem with BOTH of these methods is that you still can't rely on it 100% - someone with enough motivation and resources will figure out what the constant data is, and just calculate that as new hash after modifying the data in your file. And similarly, assuming your application knows how to decrypt the file, the application can be reverse engineered to find the encryption key and encryption method.
So you are fighting a "code war" (pun on cold war) against your "users".
There are commercial solutions available for license management (and that I have been the user of is FlexLM, but there are several others too). This is a little more work, and will probably cost a little bit in license fees, but you will save yourself a whole heap of potential headache if you use a commercial product.
I want to store a lot of configuration data pertaining to cluster, process, IP addresses etc. I have worked on one such product earlier where LDAP was used for this purpose. Although it was PITA to configure it the first time, I liked the transactional LDAP part which helps in dynamic reloading of the configuration when there is a change. It can be done with a flat file using inotify, but that is not as good as transactional LDAP. But, as I said, the configuration was a real pain, and also I don't want to borrow the same idea of LDAP in this product.
So can anyone give me an idea about which will be the next best replacement, which makes entering configuration easy and also that can help in dynamic configuration and notify my process whenever there is a change in the configuration file and exactly what changed (directly or indirectly)?
I am planning to develop my product in C++ and C.
The configuration can be edited by an Admin, or if he is too lazy he can automate it using some script. Also through cli, but not by a running process, that will land me up in concurrency and locking issues.
My program is a daemon, some sort of cluster manager running on multiple nodes.
There is no wrapper provided for user to edit configuration.
I am only looking for Linux/Solaris platform.
You have not really given enough background information for a good answer to be given. So, here are some of the unasked questions, the answers to which will influence your choice:
How is the configuration file edited? By your process, or by hand-editing, or by some other program?
How is the main program running - in the foreground with a user interacting, or in the background as a daemon?
If you expect people to hand-edit the configuration, then you can provide a wrapper script for doing so which sends a signal (conventionally SIGHUP) to the daemon to tell it to reread its configuration file.
If your main program is going to guide the user through the editing, then you really don't need to tell the program when the editing is complete. It already knows.
You mention Linux in the tags; can we assume that Windows portability is not an issue?
As to configuration file formats, you can go with the vogue (and bloat) of using XML. However, although that is a good tool for programs communicating, it is not very good for people to edit. You should look at E S Raymond's "The Art of UNIX Programming" which is a good general read and has a chapter on different configuration file formats. You should probably adopt one of the schemes outlined there. Which scheme is best depends in part on what information you have to capture in your configuration file.
If you're going to embed an interpreter (Perl, Lua, Tcl/Tk, ...) into your program, you might use that language to handle the configuration file...or you might not.
We have been using ClickOnce deployment for some time now and all has been fine until recently. We have one of our clients that is now deleting their clients Documents and Settings directories which inturn is totally erasing our clickonce cache. From what I have seen, there is no way of setting an alternate location for this, but many of my references online were from 2005.
I was hoping someone may be able to provide a definitive answer as to whether or not they have changed this and there is a way to change the installation directory and if not, do you have any recommendation where I may be able to find a solution to this problem.
In then end, we would like the same Clickonce functionality regarding auto updates, however a way of letting the user choose where they want to install their files to. Any info would be great! Thanks!!
Dan
I found a post that seems to ask the same question as you do, and according to the answers it received, it is not possible to set the destination folder of a ClickOnce application.
Anyway, I think it's a reasonable assumption to make when developing an application for a client that the application data folder will not be deleted on an ad-hoc basis (unless this is a condition that has been known during the requirement gathering of the project).
If this client of yours doesn't have a very specific (and good) reason to remove the app data folders, I think you should just explain that "no, that's not going to work with our solution".
Our win32 applications (written in C++) have been around for over 10 years, and haven't been updated to follow "good practices" in terms of where they keep files. The application defaults to installing in the "C:\AppName" folder, and keeps application-generated files, configuration files, downloaded files, and saved user documents in subfolders of that folder.
Presumably, it's "best practices" to default to installing under "c:\Program Files\AppName" nowadays. But if we do that, where should we keep the rest of our files? Starting from Vista, writing to the program files folder is problematic, and there seem to be a million other places that you can put different files, and I'm confused.
Is there a reference somewhere for what goes where?
Edit: To expand on questions people have asked so far:
I'm familiar with the SHGetFolderPath function, but there are lots and lots of options that you can get from it, and I can't find a resource that says "Here is exactly what each of these options is used for, and when you might want to use it".
Up until now, we've done the "All files, including saved user files, under one folder" thing, and it's worked fine - but not when people want to install the app under the Program Files folder. For some reason, the virtualization monkeying around that Vista does isn't working for our application; if we're going to be making changes anyway, we might as well make an effort to do things the "right" way, since we don't want to have to change it again in 12 months time.
Further question:
We include some "sample" documents with our app, which we update every now and again. Is it appropriate to install them into My Documents, if we'll be overwriting them every few months? Or is My Documents assumed to be totally safe for users to mess around in?
If we can't install them to My Documents, where should we put them so that users can see them easily?
Presumably, it's "best practices" to default to installing under "c:\Program Files\AppName"
Close, but not quite. Users can configure the name of the Program Files folder and may not even have a C: drive. Instead, install to the %ProgramFiles%\AppName environment variable folder.
Note you should assume you only have read access to this folder after the installation has finished. For program data files where you might need write access, use %AppData%\AppName.
Finally, are you sure yours is the only app with that name? If you're not 100% certain of that, you might want to include your company name in there as well.
The mechanisms you use to retrieve those variables will vary depending on your programming platform. It normally comes down to the SHGetFolderPath() Win32 method in the end, but different platforms like Java or .Net may provide simpler abstractions as well.
Some guidelines are in this Knowledge Base article: How to write a Windows XP Application that stores user and application data in the correct location by using Visual C++. Also, if you search MSDN for Windows Logo Program you will find documentation regarding what an app needs to do to be truly compliant.
SHGetKnownFolderPath can get you the directories you need. If backwards compatibility with XP and earlier is required, use the deprecated SHGetFolderPath
Having said that, if you app came with documentation that said "everything used by this app is in this directory" I would love it ;)
Use the Windows SHGetFolderPath() function to get the correct directories.
Edit: To reply to your other question, added in the edit: Where to put the sample files of your application does very much depend on whether your application is installed for a single user or for all users, and whether the person installing the application can be assumed to be the one who uses it.
If your program is to be used by multiple users on a system, copying stuff into "My Documents" is not going to work - the files would be accessible only for the user installing the application. Worse, if the only user of your application needed to install as Administrator, then [s]he will not have access to the files either. So unless you are fairly certain that there is only one user for your application, and they have sufficient permissions to install the application using their own account, don't use "My Documents".
IMO you should install sample files into the directory identified by CSIDL_COMMON_APPDATA. This will give you exactly one copy for all users, and since you want every user to see the original, unaltered sample files all users should consider them read-only. In fact, your setup program should probably make them read-only. Opening one of the samples will work for all users, but as soon as they try to save their modifications the application should detect that the file is read-only, and open the "Save As" dialog, pointing to "My Documents" or suitable directory inside. That will also keep all user modifications when the installer updates the sample files later on.
It is of course somewhat more difficult for the users to find the sample files. You could add a link to the samples folder to the start menu group of your application, so that access to the files is fast, and of course you should properly document everything.
For your application binaries, you can assume that you may write to the PROGRAM FILES directory (use the %ProgramFiles% environment variable to support installations other than the default English version - e.g. in german Installations this will be c:\Programme by default). Wikipedia lists the most common variables. Another option are the SHGetFolderPath or newer SHGetKnownFolderPath functions.
For User data, you should assume that the application is running with limited access rights and may only write to the user's home directory. Same applies for registry entries. This path should probably be configurable b the user, as the home directory may actually be a network server and a user might have a second disk attached for data storage. For information on the current (Vista) filesystem guidelines see this article.
Regarding plugins, this might be more complicated. The best practice seams to be offering the option to install for the current user only, and placing the plugin in the user directory, or install for all users and place the files into your program files directory (but remember to check for write permission and request elavated access if needed).
There are plenty of environment variables like: %USERPROFILE%, %HOMEPATH%, %APPDATA% all of these points to some user-specific directories, where you can put your user-specific files.
For system-wide storage you can use %ALLUSERSPROFILE%, that is the place where you should put your read/write datafiles that are not specific to any user.
Sorry I don't know the correct answer, but...
Do you have a business case for wanting to do that? Are your customers complaining that files aren't stored where they expect? Are your applications crippled in some way because you store files in non-standard locations? If not, I don't see a reason for spending time and budget to redo your file storage strategy just to meet "best" practice. If your programs just work, then IMHO you should leave them alone and spend money and time on things that matter.
There is a directory structure under c:\users for user oriented data.
There is documentation for porting apps from older windows OSs to Vista.
Check out http://www.innovateon.com and follow the links to Vista. There is documentation regarding certification that has the details on topics like this.
We have a similar app created ~10 years ago using MFC. The easiest thing to do was create a folder right off of C:\ (e.g. C:\OurApp). No install files, no special permissions, no registry changes, etc. Clients (and particularly their sys admins) LOVE it.
One other consideration - are you planning to all of a sudden change the installation folder for existing clients (assuming this is installed in many locations)? If something isn't broke, why fix it?