Home
Blogs
Forums
News
Portfolios
Projects
Tutorials
28 users logged in
New? Learn about game development.
Before posting, review our community guidelines.
Follow Us
Chat in the GameDev.net Discord!
Mastodon
Back to General and Gameplay Programming

default install folder for windows game

Started by
32 comments, last by Aardvajk 8 years, 7 months ago

whats a good default install folder for a windows game?

i'm about to post beta 21 of Caveman with skinned meshes. But i noticed that in Inno setup, i'm installing to \program files(x86)\caveman.

i've had one user with issues caused by a corrupt UAC file and use of the program files directory.

Also, skyrim modding guides recommend moving steam out of the program file folder due to UAC issues, protected folders, having to run as admin, etc.

So installing to protected folders can cause issues.

So whats a good default non-protected folder to install under?

Norm Barrows

Rockland Software Productions

"Building PC games since 1989"

rocklandsoftware.net

PLAY CAVEMAN NOW!

http://rocklandsoftware.net/beta.php

Advertisement

I'm using NSIS, not InnoSetup, but I install to:


InstallDir "$LOCALAPPDATA\TotAW"

Which works out to "C:\Users\gdunbar\AppData\Local\TotAW" on Windows 7. I believe when I researched that this was "the right place" to put an application such that it could be installed and run by a non-admin user, but I don't have that research handy. Seems to work well enough.

Good luck!

Geoff

I've seen applications that install their static components into Program Files, such as updaters, patchers, etc., which then "install" everything else that can be modified or updated into AppData.

I believe best practice is to write things like your executable to Program Files, which you can only write to while your installer has raised access level. This protects against your exe being hijacked for example. So things that are read-only after installation go there.

Files the game needs to write to go in AppData, using the system call to identify the folder rather than hard code.

The issues with UAC are generally due to older software not following these rules and having read-write requirements on files in protected folders like Program Files.

The idea is that your installer gets raised access level but your game itself does not require it.
journal | website | twitter | youtube

whats a good default install folder for a windows game?

i'm about to post beta 21 of Caveman with skinned meshes. But i noticed that in Inno setup, i'm installing to \program files(x86)\caveman.

i've had one user with issues caused by a corrupt UAC file and use of the program files directory.

Also, skyrim modding guides recommend moving steam out of the program file folder due to UAC issues, protected folders, having to run as admin, etc.

So installing to protected folders can cause issues.

So whats a good default non-protected folder to install under?

(multi user) application binaries should go into FOLDERID_ProgramFiles, application data should go into FOLDERID_ProgramData and user files (save games, settings, etc) should go into FOLDERID_LocalAppData.

https://msdn.microsoft.com/en-us/library/windows/desktop/bb762188(v=vs.85).aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/dd378457(v=vs.85).aspx

if you want to support legacy versions of Windows you can use the CSIDL equivalents

If you want non admin users to be able to modify the binaries you should default to FOLDERID_UserProgramFiles (single user installation) Available in Win7 and later, for Vista you can fall back to FOLDERID_LocalAppData and add \Programs or something to the path (You should never ever install multi user binaries in a location where non admins are able to modify them as that compromises the systems security), even if you do single user installation you may still want to share some or all data between users (if you have several gigabytes of levels, artwork, music, etc you probably don't want each user to need their own copy even if they each have their own binaries)

[size="1"]I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
Skyrim modding guides recommend moving steam because Skyrim mods need to be in the executable's folder, and since most modding tools will need to edit/copy/move these files around, the game should be in a non-protected folder.

Note that you could just as easily leave steam in program files and then set up a symbolic link to store Skyrim in a non-protected location, pointing the mod tools at said non-protected location. (Honestly, the game itself should check the documents or app data folders for mods instead of forcing the game's folder, but here we are)

In general though, Program Files is the correct location. You should not be writing anything to this folder outside of an installer or patcher (both of which should request elevation from the user). Game data that the game wants to update/modify like settings should go in the app data folder. And it's up in the air as to whether to store save games in app data or the documents folder - some like the documents folder because it's easier for the user to find for when they want to back up data or mess around with the saves. And you could argue a game's save is similar to a Word document, being a "document" the game creates at the wishes of the user.

Well, Steam is bad, and if I was developing an operating system Id have banned them. Although they install to program files, they modify the file permissions and give "Full Control" to the local "Users" group. This means that nearly any old piece of non-trusted code can go and change stuff in their, for example replacing a games executable or DLL files with malicious versions.

You really want to install to program files by default, and require elevation to a trusted user for both installation and updates, and never load executable files (exe's, dll's, Java jar's, etc.) from any non-trusted location. This way no other untrusted piece of code can infect your program.

I suspect MS would really like to ban what Steam does and any other case of executables in generally writeable locations, but the size of that compatibility problem would cause a really big backlash. The new App's system is a lot more restrictive and would expect to see further phasing out of the legacy "desktop program" stuff.


(multi user) application binaries should go into FOLDERID_ProgramFiles, application data should go into FOLDERID_ProgramData and user files (save games, settings, etc) should go into FOLDERID_LocalAppData.

so caveman.exe goes in ProgramFiles, all the meshes, textures, models, wavs, animations etc go in ProgramData, and savegames, and stuff that gets paged from disk like container content lists and explored local map bitmasks goes in LocalAppData (IE C:\users\current_user\appdata\local).

hmm... more work, and you can't find everything in one folder. but it gets you readonly binaries, shared data (probably irrelevant for caveman), and user data under the current_user folder for ease of backup purposes (i'd assume).

right now i put it all in a single caveman3 folder under programfiles. i haven't had any issues with this on my PC even though programfiles is protected. but then again, i only have one account on the PC, the admin account, which is what i use all the time. so i suppose i'm always running as admin.

also i haven't moved steam or skyrim, and have encountered no issues on my PC - i'm trying to muck with the skyrim install as little as possible while modding.

however, installing under programfiles, corrupt UAC files apparently can lead to the dreaded BEX error:

http://www.gamedev.net/topic/660329-whats-this-error-message-mean/

and fixing it its pretty ugly. cant find the link right now, but it involves un-hiding hidden folders and files and regedit and hkeys - you get the idea. way more than you want the user to have to go through to run your game.

so i was thinking, you could avoid this whole UAC issue by simply installing to an unprotected folder - IE somewhere other than program files. its a simple one line change in the Inno setup script.

OTOH, this means you're not doing it the MS way...

should i not worry about users with UAC issues?


You really want to install to program files by default, and require elevation to a trusted user for both installation and updates, and never load executable files (exe's, dll's, Java jar's, etc.) from any non-trusted location. This way no other untrusted piece of code can infect your program.

if by trusted you mean verisign, then i'm screwed, because i can't afford to verisign right now, so its all from "Unknown Publisher".

Norm Barrows

Rockland Software Productions

"Building PC games since 1989"

rocklandsoftware.net

PLAY CAVEMAN NOW!

http://rocklandsoftware.net/beta.php

should i not worry about users with UAC issues?


No - in the same way that you shouldn't worry about users who have deleted bits of their operating system or are overclocking with inadequate cooling.

If their computer is so messed up that the core security feature of Windows is broken, there is nothing you can do to "fix" or account for it.

You might as well be trying to account for cosmic rays hitting the memory chip or CPU and randomly swapping bits of your program while running smile.png

You really want to install to program files by default, and require elevation to a trusted user for both installation and updates, and never load executable files (exe's, dll's, Java jar's, etc.) from any non-trusted location. This way no other untrusted piece of code can infect your program.


if by trusted you mean verisign, then i'm screwed, because i can't afford to verisign right now, so its all from "Unknown Publisher".


There are several companies that can provide code signing certificates for varying amounts of money. VeriSign isn't the only one.

But yes, it's not free, and you will have to provide some personally identifying information - otherwise everyone would just sign their viruses and then where would we be? smile.png

if by trusted you mean verisign, then i'm screwed, because i can't afford to verisign right now, so its all from "Unknown Publisher".

Actually, no I didn't, although that makes you "even more trusted" since a user will get less scary warning prompts from Window's and be happier to let it run/elevate. By "trusted" I meant "anywhere the user elevated a process, likely through UAC", such that it can write to ProgramFiles/etc., where as a normal program without that elevation can't write to those directories (and therefore cant mess with other software that installed itself securely). This also has the effect that users that can't elevate don't get to mess with modifying software that is for all users (imagine if I could go play with files in C:\Windows, MS Office etc. on a shared machine at work/school/etc. By installing to a place with access to the "Users" group you are letting me do that, but with default restrictions in program files I can't, I need to have admin rights / credentials to get past UAC).

I suppose with code signing you could implement a secure auto-update without elevation. Even without verisign/trust roots. Since if your bootstrap/updater securely installed to program files has a CA certificate you made or brought, then when it downloads the other files to "C:\Users\Untrusted\AppData\Writeable\" it could in theory fully verify them before letting them run. But Ive never seen that done, thats just some on the spot speculation. And I don't think you can do that outside of legacy desktop apps either, both CreateProcess and LoadLibrary API's you would want to actually then run/load your game files appear to be disallowed now.

This topic is closed to new replies.

Advertisement

Popular Topics

Aybe One
How do you manage yourself and your time as years pass on? GDNet Lounge
Jikoob
Too many managers? General and Gameplay Programming
ReignOnU
Do your part to stop global warming and climate change GDNet Lounge
aigan
The promise of freedom in story games Game Design and Theory
robertrobert
Facebook Ads for sales on steam, does it work? Games Business and Law
AliAbdulKareem
Understanding the wavy-like shape in alpha-testing magnification for text rendering Graphics and GPU Programming
Advertisement

Recommended Tutorials

GameDev.net
Maps Cost in Medieval Times Game Design and Theory
Myopic Rhino
Effective Event Handling in C++ General and Gameplay Programming
Ruben Torres Bonet (The Gamedev Guru)
Compilation Visualizer: Uncover These Iteration Time Killers General and Gameplay Programming
Myopic Rhino
SIGGRAPH 2009 Event Coverage
Myopic Rhino
The Two C Game Design and Theory

Reticulating splines

About GameDev.net
Community Guidelines
Terms of Service
Privacy Policy
Contact Us
Copyright (c) 1999-2024 GameDev.net, LLC
Back to Top