Changeset 104427 in vbox

Timestamp:

Apr 25, 2024 8:19:32 AM (9 months ago)

Author:

vboxsync

Message:

Docs/Manual: Added a new section for the Windows installation directory requirements (minor redrafting). bugref:10616

File:

• trunk/doc/manual/en_US/dita/topics/install-win-installdir-req.dita (modified) (2 diffs)

trunk/doc/manual/en_US/dita/topics/install-win-installdir-req.dita

@@ -2 +2 @@
 <!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
 <topic xml:lang="en-us" id="install-win-installdir-req">
-  <title>Windows installation directory security requirements</title>
+  <title>Windows Installation Directory Security Requirements</title>
 
   <body>
+    <p> The installation directory on Windows hosts must meet certain security requirements, in
+      order to be accepted by the Windows installer. </p>
     <p>
-      The installation directory on Windows hosts must meet certain security
-      requirements in order to get accepted by the Windows installer.
+      This also applies for upgrades of <ph conkeyref="vbox-conkeyref-phrases/product-name"/>.
       </p>
-    <p>
-      This also includes upgrades of <ph conkeyref="vbox-conkeyref-phrases/product-name"/>.
-      </p>
-    <p>
-      For example, when installing <ph conkeyref="vbox-conkeyref-phrases/product-name"/> into a custom location at
-      X:\Data\MyPrograms\<ph conkeyref="vbox-conkeyref-phrases/product-name"/>, all parent directories of this path
-      (namely X:\Data and X:\Data\MyPrograms) have to meet the following
-      Discretionary Access Control List (DACL):
-      <pre xml:space="preserve">
+    <p> For example, when installing <ph conkeyref="vbox-conkeyref-phrases/product-name"/> into a
+      custom location at X:\Data\MyPrograms\<ph conkeyref="vbox-conkeyref-phrases/product-name"/>,
+      all parent directories of this path (namely X:\Data and X:\Data\MyPrograms) must meet the
+      following Discretionary Access Control List (DACL). <pre xml:space="preserve">
         Users               S-1-5-32-545:(OI)(CI)(RX)
         Users               S-1-5-32-545:(DE,WD,AD,WEA,WA)
         Authenticated Users S-1-5-11:(OI)(CI)(RX)
         Authenticated Users S-1-5-11:(DE,WD,AD,WEA,WA)
-      </pre>
-      Also, directory inheritance has to be disabled for all parent directories.
-      </p>
-    <p>
-      To modify a certain directory meeting the above requirments, one can use
-      the Windows tool <pre xml:space="preserve">icacls</pre> on the command line:
-      <pre xml:space="preserve">
+      </pre> Directory inheritance must also be disabled for all parent directories. </p>
+    <p> You can use the <codeph>icacls</codeph> Windows command line tool to modify a directory to
+      meet the security requirements. For example: <pre xml:space="preserve">
       icacls &lt;Directory&gt; /reset /t /c
       icacls &lt;Directory&gt; /inheritance:d /t /c
@@ -35 +27 @@
       icacls &lt;Directory&gt; /grant *S-1-5-11:(OI)(CI)(RX)
       icacls &lt;Directory&gt; /deny  *S-1-5-11:(DE,WD,AD,WEA,WA)
-      </pre>
-      Note that the above commands have to be repeated for all parent directories
-      (X:\Data and X:\Data\MyPrograms in the example above).
-      </p>
+      </pre> Note that these commands must be repeated for all parent directories (X:\Data and
+      X:\Data\MyPrograms in this example).</p>
   </body>