Your program should not write temporary files (or anything else for that matter) to the program directory. Any program should use %TEMP% for temporary files and %APPDATA% for user specific application data. This has been true since Windows 2000/XP so you should change your aplication.

您的程序不应将临时文件（或其他任何内容）写入程序目录。任何程序都应将 %TEMP% 用于临时文件，将 %APPDATA% 用于用户特定的应用程序数据。自 Windows 2000/XP 以来一直如此，因此您应该更改您的应用程序。

The problem is not Windows 7.

问题不在于 Windows 7。

You can ask for appdata folder path:

您可以询问 appdata 文件夹路径：

string dir = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);

or for TEMP path

或 TEMP 路径

string dir = Path.GetTempPath()

Your program has to run with Administrative Rights. You can't do this automatically with code, but you can request the user (in code) to elevate the rights of your program while it's running. There's a wikion how to do this. Alternatively, any program can be run as administrator by right-clicking its icon and clicking "Run as administrator".

您的程序必须以管理权限运行。您无法使用代码自动执行此操作，但您可以请求用户（在代码中）在程序运行时提升程序的权限。有一个关于如何做到这一点的维基。或者，任何程序都可以通过右键单击其图标并单击“以管理员身份运行”来以管理员身份运行。

However, I wouldn't suggest doing this. It would be better to use something like this:

但是，我不建议这样做。使用这样的东西会更好：

Environment.GetFolderPath(SpecialFolder.ApplicationData);

to get the AppData Folder path and create a folder there for your app. Then put the temp files there.

获取 AppData 文件夹路径并在那里为您的应用程序创建一个文件夹。然后把临时文件放在那里。

Options I can think of:

我能想到的选项：

• Run entire app as full admin priv. using UAC
• Run a sub-process as full admin for only those things needing access
• Write temporary files elsewhere

• 以完全管理员权限运行整个应用程序。使用UAC
• 以完全管理员身份运行子流程，仅针对需要访问的内容
• 在别处写入临时文件

You can't cause a .Net application to elevate its own rights. It's simply not allowed. The best you can do is to specify elevated rights when you spawn another process. In this case you would have a two-stage application launch.

您不能使 .Net 应用程序提升其自身的权利。这根本是不允许的。您能做的最好的事情是在生成另一个进程时指定提升的权限。在这种情况下，您将有一个两阶段的应用程序启动。

Stage 1 does nothing but prepare an elevated spawn using the System.Diagnostics.ProcessStartInfo object and the Start() call.

第 1 阶段除了使用 System.Diagnostics.ProcessStartInfo 对象和 Start() 调用准备提升的 spawn 之外什么都不做。

Stage 2 is the application running in an elevated state.

第 2 阶段是在提升状态下运行的应用程序。

As mentioned above, though, you very rarely want to do this. And you certainly don't want to do it just so you can write temporary files into %programfiles%. Use this method only when you need to perform administrative actions like service start/stop, etc. Write your temporary files into a better place, as indicated in other answers here.

但是，如上所述，您很少想这样做。而且您当然不想这样做只是为了将临时文件写入 %programfiles%。仅当您需要执行服务启动/停止等管理操作时才使用此方法。将临时文件写入更好的位置，如此处的其他答案所示。

I cannot agree with arguments, that it is better to write all files in other directories, e.g., %APPDATA%, it is only that you cannot avoid it, if you want to avoid running application as administrator on Windows 7.

我不能同意这样的论点，即最好将所有文件写入其他目录中，例如 %APPDATA%，只是您无法避免它，如果您想避免在 Windows 7 上以管理员身份运行应用程序。

It would be much cleaner to keep all application specific data (e.g. ini files) in the same folder as the application (or in sub folders) as to speed the data all over the disk (%APPDATA%, registry and who knows where else). This is just Microsoft idea of clean programming. Than of course you need registry cleaner, disk cleaner, temporary file cleaner, ... instead of e+very clean practice - removing the application folder removes all application specific data (exep user data, which is normally somewhere in My Documents or so).

将所有特定于应用程序的数据（例如 ini 文件）保存在与应用程序相同的文件夹（或子文件夹中）中会更干净，以加快整个磁盘（%APPDATA%、注册表和谁知道其他地方）的数据速度. 这只是微软关于干净编程的想法。当然，您需要注册表清理器、磁盘清理器、临时文件清理器……而不是 e+very clean 实践 - 删除应用程序文件夹会删除所有应用程序特定数据（例如用户数据，通常位于“我的文档”左右） .

In my programs I would prefer to have ini files in application directory, however, I do not have them there, only because I cannot have them there (on Windows).

在我的程序中，我希望在应用程序目录中有 ini 文件，但是，我没有它们，只是因为我不能在那里（在 Windows 上）。

I think there is an alternate solution to all these problems.... Make an two level application. As said above...

我认为所有这些问题都有一个替代解决方案......制作一个两级应用程序。如上所述...

1) Launcher which will launch another Main App using code such as (VB)

1) 启动器，它将使用 (VB) 等代码启动另一个主应用程序

Call ShellExecute(hwnd, "runas", App.Path & "\MainApp.exe", 0, 0, vbNormalFocus)

2) Main App, which is writing to protected areas, ie Program Files folder

2) Main App，正在写入保护区域，即Program Files文件夹

I've successfully tried this with windows 7

我已经在 Windows 7 上成功地尝试过这个

I'm also developing an app which has online update feature. But it doesn't work in Vista/W7..

我也在开发一个具有在线更新功能的应用程序。但它在 Vista/W7 中不起作用..

I agree with other peoples about Microsoft Policies and Standard Practices.

我同意其他人关于 Microsoft 政策和标准做法的看法。

But my Question is .. 1) How to apply update to an existing application, which probably always remain in Program Files folder. 2) There might be some way to do this, otherwise how goolge updater, antivirus updater or any software updater workes?

但我的问题是.. 1) 如何将更新应用到现有应用程序，该应用程序可能始终保留在 Program Files 文件夹中。2) 可能有一些方法可以做到这一点，否则 goolge 更新程序、防病毒更新程序或任何软件更新程序如何工作？

I need answer to my questions..... :o

我需要回答我的问题..... :o

Prof. Rajendra Khope (MIT, Pune, India)

Rajendra Khope 教授（麻省理工学院，印度浦那）

It would be neater to create a folder named "c:\programs writable\" and put you app below that one. That way a jungle of low c-folders can be avoided.

创建一个名为“c:\programs writable\”的文件夹并将您的应用程序放在该文件夹下会更简洁。这样就可以避免低 c 文件夹的丛林。

The underlying trade-off is security versus ease-of-use. If you know what you are doing you want to be god on you own pc. If you must maintain healthy systems for your local anarchistic society, you may want to add some security.

潜在的权衡是安全性与易用性。如果你知道自己在做什么，你就想在自己的电脑上成为上帝。如果您必须为当地的无政府主义社会维护健康的系统，您可能需要增加一些安全性。

Another way round it would be to stop UAC then restart it. Create a CMD file with the following code;

另一种方法是停止UAC然后重新启动它。使用以下代码创建一个 CMD 文件；

Rem Stop UAC %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f rem force reboot Start ShutDown /R /F /T 30

Rem Stop UAC %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f rem force reboot Start ShutDown /R /F /T 30

You'll need to right click on the CMD file and use run as admin. once you have finished what you are doing restart UAC with the following code (no need to use run as admin this time);

您需要右键单击 CMD 文件并使用以管理员身份运行。完成您正在执行的操作后，使用以下代码重新启动 UAC（这次无需以管理员身份运行）；

%windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f

%windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f

rem force reboot Start ShutDown /R /F /T 30

rem force reboot Start ShutDown /R /F /T 30

The down sides to using this method is have to right click and use run as admin to close UAC down and you have to reboot for it to take effect.

使用此方法的缺点是必须右键单击并使用以管理员身份运行来关闭 UAC，您必须重新启动才能使其生效。

BTW there are several reasons why you would need to write to the forbidden areas...the first two that springs to mind would be to run a batch file to append host to prevent your browser going to dodgy sites or to copy license keys in a silent install.

顺便说一句，您需要写入禁止区域的原因有多种......首先想到的两个原因是运行批处理文件以附加主机以防止您的浏览器进入狡猾的站点或复制许可证密钥静默安装。

If you have such a program just install it in C:\, not in Program Files. I had a lot of problems when I was installing Android SDK. My problem got solved by installing it in C:\.

如果您有这样的程序，只需将其安装在 中C:\，而不是安装在 Program Files 中。我在安装 Android SDK 时遇到了很多问题。我的问题通过将其安装在C:\.

I am working on a program that saves its data properly to %APPDATA%, but sometimes, there are system-wide settings that affect all users. So in these situations, it HAS to write to the programs installation directory.

我正在开发一个将数据正确保存到 %APPDATA% 的程序，但有时，系统范围的设置会影响所有用户。所以在这些情况下，它必须写入程序安装目录。

And as far as I have read now, it's impossible to temporarily get write access to one directory. You can only run the whole application as administrator (which should be out of the question) or not be able to save that file. (all or nothing)

就我现在所读到的而言，暂时获得对一个目录的写访问权限是不可能的。您只能以管理员身份运行整个应用程序（这应该是不可能的）或无法保存该文件。（全有或全无）

I guess, I will just write the file to %APPDATA% and launch an external program that copies the file into the installation folder and have THAT program demand admin privileges... dumb idea, but seems to be the only practical solution...

我想，我只是将文件写入 %APPDATA% 并启动一个外部程序，该程序将文件复制到安装文件夹中并拥有该程序需要管理员权限......愚蠢的想法，但似乎是唯一实用的解决方案......