I am trying to develop what would eventually might become my first commercial app.
So here I am, 85% done, with an installer compiled… so I decide to give it a try on someone else’s PC to see what happens.
Well, basically, after many warning messages about the unknown origin of the software, and the potential danger that I might be facing, windows let me install it. But it did not run because (after a little debugging) the app tried to write in SpecialFolder.SharedApplicationData.
Two questions for windows experinced developers:
Without paying anything to microsoft… Is that any way I can minimize all the danger, apocalyptic messages that windows spits when trying to install my app ?
Is it not SpecialFolder.SharedApplicationData safe to write data and create (sub)folders ? And if not… is there a folder which is 100% safe to write my app data ?
Actually question 1, should have been …: “Without paying anything”. Period.
I don’t want to invest money in this project(at this stage). So, are there any tips or advices to minimize all the warning signs that windows pos up ?
And about question 2… how do I make sure app is running with admin privileges ? (I could change the code to write tha data in SpecialFolder.ApplicationData, but I’m sure I had a reason to use SharedApplicationData instead…)
Nope. No way around digitally sign if you want to get rid of Smart Screen yellow window of shame.
That said, for a freeware, that is usually perfectly acceptable.
Is is rather involved, unless you instruct the user to do it himself with right click/properties/advanced/Run as administrator. Or, the installer may install your app to run that way. But you may not be able to install for all users.
Frankly I would avoid if I were you. ApplicationData is the way to go for all standard applications.
Your shared sqlite db should be in a folder under Shared Application Data [%programdata%] (usually your application and/or company name) and use the cacls command to make that available to all users - no Administrator requirement if done properly.
For multiple user profiles use Application Data [%appdata%] - again you should create a folder for your application under this.
If/when you decide to make the app commercial then buy the signature & sign your app. No need to do that until then.
“Your shared sqlite db should be in a folder under Shared Application Data [%programdata%] (usually your application and/or company name) and use the cacls command to make that available to all users - no Administrator requirement if done properly.”
I think I fixed it by changing the permissions in %programdata%\MyFolder allowing modify permissions for all users, in the installation script…
I finally did this about a year ago, for our Windows version. A lot less install issues and no more user emails stating they think they downloaded malware. Well worth the money it cost for KSign, although getting the documentation together to their satisfaction was a bit of a headache.
… just as friendly reminder to all WIndows Developers. Please avoid to place any of your .exe files outside designated Program Folders e.g. in the AppData Folder. System policies in Business and Enterprise Networks will prevent usage of these .exe files cause these are the places where malware and viruses drop their payload first.
I have several programs (e.g. Microsoft Office esp. OneDrive, SFIRM Banking Software) which is using temp. .exe files for updating etc… that’s crap…
[quote=282366:@Peter Job]Hardly “of shame”. You’ll be in good company, with Oracle - Virtualbox and/or the drivers it uses are not signed, for one.
Stuff Microsoft, just run it.[/quote]
Politics aside, Oracle is big enough to do whatever they please, especially for a piece of freeware.
It is an entirely different story for individual developers who start marketing their apps. In order to sell anything, you better make sure it shines, and no blemish can be found. Yes, anybody who seriously wants to make any money in software better make sure it is signed.
“Yes, anybody who seriously wants to make any money in software better make sure it is signed.”
I’ll definitely think about it… but before thinking about that I’ll think about, security, efficiency, and stability of my app. And BEFORE thinking about all that I’ll think about how much I have to learn first…
Seriously… I have this problem where I will not dare to sell my app until I’ll feel 1000% confident it works good and it’s bug free. A professional developer (friend) told me that’s too ambitious, but, I feel scared I would have to face a complicated problem I don’t know how to solve…