When a process is running at the low integrity level, you can't write to %temp% so I need a way to find the path to the %temp%\Low di开发者_Python百科rectory (Without hardcoding the word "Low")
The "Finding Low Integrity Write Locations" section of the "Understanding and Working in Protected Mode Internet Explorer" article includes the following tidbit:
Note Protected Mode modifies IE's environment variables. As a result, the GetTempPath() function returns %Temp%\Low when called while Protected Mode is active.
According to MSDN
When in Protected Mode, extensions can write files to a folder below the user's UserProfile folder, typically %userprofile%\AppData\LocalLow. Use the SHGetKnownFolderPath function with the FOLDERID_LocalAppDataLow flag to obtain the expanded folder name.
SHGetKnownFolderPath(FOLDERID_LocalAppDataLow, 0,
NULL, szPath, ARRAYSIZE(szPath));
If you're just looking for a temporary directory to write to, you could loop through the directories inside the %temp%
directory and try to write to each.
If UAC is disabled, .
should be the first. If not, .\Low
should be the only one.
According to MSDN
"Low-integrity processes can write and create subfolders under %USER PROFILE%\AppData\LocalLow"
I don't think there's any way to avoid hardcoding thost last two folders.
精彩评论