Open martinhickson opened 3 years ago
We do not recommend sharing the cache between multiple users. OWS will do cache cleanup from time to time (depending on your settings). This could lead to problems if another user is running the app at the same time.
What is the motivation to share the cache between multiple users?
On a multi-user virtualized desktop environment such as Citrix Application Delivery Controller (ADC), there is a lot of potential to save disk space for large applications, as the number of concurrent users increases, since a single centralized shared cache folder is essentially local for all users in that case. In terms of a general use case, there are other Desktop-as-a-Service (Daas) solutions such as Amazon WorkSpaces where a centralized shared cache would be a useful feature.
With the configuration settings set appropriately so that cache clean up isn't carried out, the current issue is that the OpenWebStart code seems to modify the initial ACL permissions when cache files are created or modified that prevents other users from being able to access the files.
Yes. OWS tries to set the ACL as restrictive as possible. The reason for this is that the files in the cache contain code which will be executed. If other users would be able to manipulate these files they can execute arbitrary code on the machine.
If this is an absolute must have feature you can contact us on openwebstart@karakun.com for a paid support request
Does OpenWebStart support a centralized shared cache model? I attempted to use this mode of operation via the XDG_CACHE environment variable pointing to C:\OWS\cache, however it resulted in launch errors until I adjusted ACL permissions on some of the relevant files. I then logged out of Windows and logged in with another user but ran into permission problems since the ACL permissions for the Users group didn't allow it. If necessary, I can reattempt this if more specific details are required.