I have a Windows service that updates our product. It copies the product files to a temporary directory, usually "C:\Windows\Temp", fixes the binaries, and then uses MoveFileEx to copy the files back to the installation directory on reboot, usually "C:\Program Files\Product". Files in the installation directory inherit their security attributes from the parent folder. After copying, repairing, and rebooting, files in the installation directory bypass some ACLs. In particular, files no longer have ACLs for the Users group, so users can no longer run the program after a reboot.
Can anyone explain what is going on here? It seems that when copying from the installation directory to the temp directory, files inherit access control lists from the temporary directory. However, on MoveFileEx / reboot, files only inherit the ACLs that both the installation directory and temp have.
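A diagnostic for the situation described in the post, added here as an example that is not part of the original question: a file moved within one volume keeps the security descriptor it had at the source, so this PowerShell script compares each installed file's ACEs with those a freshly created file in the folder receives, and can re-apply inheritance with `icacls /reset`. It assumes the install path quoted in the post, an elevated session, and that subfolders inherit the same ACL as the root; `Get-AceKeys` and `-Repair` are names made up for this script.

```powershell
# Added example: audit (and optionally repair) ACL drift after a delayed move.
# Assumptions: path is the one quoted in the post; run elevated; subfolders
# inherit the same ACL as the root. -Repair is this script's own switch.
param(
    [string]$InstallDir = 'C:\Program Files\Product',
    [switch]$Repair
)

function Get-AceKeys([string]$Path) {
    # Normalise each ACE to "identity|Allow/Deny|rights" so ACLs compare as sets.
    (Get-Acl -LiteralPath $Path).Access | ForEach-Object {
        '{0}|{1}|{2}' -f $_.IdentityReference, $_.AccessControlType, $_.FileSystemRights
    } | Sort-Object -Unique
}

# Baseline: a file created in place gets exactly what the folder hands to new files.
$probe = Join-Path $InstallDir ('aclprobe-{0}.tmp' -f [guid]::NewGuid())
New-Item -ItemType File -Path $probe | Out-Null
try     { $expected = @(Get-AceKeys $probe) }
finally { Remove-Item -LiteralPath $probe -Force }

$drifted = foreach ($file in Get-ChildItem -LiteralPath $InstallDir -File -Recurse) {
    $actual  = @(Get-AceKeys $file.FullName)
    $missing = @($expected | Where-Object { $_ -notin $actual })   # e.g. the Users ACE
    $extra   = @($actual   | Where-Object { $_ -notin $expected }) # ACEs carried from Temp
    if ($missing.Count -or $extra.Count) {
        [pscustomobject]@{
            Path    = $file.FullName
            Missing = $missing -join '; '
            Extra   = $extra -join '; '
        }
    }
}
$drifted | Format-List

if ($Repair) {
    foreach ($item in $drifted) {
        # /reset replaces the file's ACL with the default inherited ACL of its parent.
        & icacls.exe $item.Path /reset | Out-Null
        if ($LASTEXITCODE -ne 0) { Write-Warning "icacls failed for $($item.Path)" }
    }
}
```

Run it without `-Repair` first: the `Missing` column shows which inherited entries (such as the Users group) the moved files lack.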