[Privoxy-users] Installation on Windows 11

Fri May 2 12:52:11 CEST 2025

On Thu, May 1, 2025 at 1:27 PM Ian Silvester  wrote:
>
> On Thu, 1 May 2025, at 09:05, Lee via Privoxy-users wrote:
> > On Thu, May 1, 2025 at 8:39 AM Ian Silvester wrote:
> >>
> >> My experience FWIW is that if I install as my daily driver account, even if that account has admin,
> >> upon reboot Privoxy throws an error that it cannot write to ./privoxy.log and dies. I find I have to
> >> use -install to avoid this issue. Same behaviour on Win 10 and 11.
> >
> > You probably took the default and installed Privoxy in "\Program files\Privoxy"
> > "c:\Program files" does not normally allow regular users to write to
> > anything there, so you can either
> >  a) do what I do and create a "c:\temp" that anyone can write to and
> > have privoxy logging set to "c:\temp\privoxy.log"
> > or
> >  b) modify file permissions on "c:\Program files\Privoxy" or
> > "c:\Program files\Privoxy\privoxy.log" to allow anyone to write there.
> > There's a FAQ for
> >   What to do if editing the config file of privoxy is access denied?
> > that's also applicable to the privoxy log file.
> >
> > Lee
> >
>
> Yes quite. Couldn't you alter the installer to offer a default location to which the user
> does have write access?

I don't know if windows has a place for installing software that
anyone can write to.
I'm guessing it doesn't because ransomware or anything else could take
advantage and replace programs in the "anyone can write here"
directory.

There are per-user directories that could be used - but they are one
per user so if you had say 3 users you'd have to have 3 installs of
privoxy.  And 3 separate config, action, filter files, etc.
On the other hand, per-user directories would be great for the privoxy
log file.  Having a single log file that everyone can read is a
security issue .. which is why logging was defaulted to off ages ago??
The problem is how to tell privoxy where the per-user file is :(  I
suppose the easiest way would be to add a '--logdir' command line
option to specify the logdir - eg

C:\cygwin\home\Lee\t>args_mingw.exe a b --logdir %LOCALAPPDATA%\privoxy
argv[0]: args_mingw.exe
argv[1]: a
argv[2]: b
argv[3]: --logdir
argv[4]: C:\Users\Lee\AppData\Local\privoxy

I just tried changing the privoxy startup shortcut to have
   %APPDATA%\privoxy\config.txt
as the config file parameter.  And it works :)
... at least on my windows 10 machine

So there is an easy way to have a per-user config file.  The downside
being an "include <this> file in the config" directive was never
implemented, so we're back to maintaining a config file per user.

On the other hand, it's highly probably a '--logdir whatever' command
line parameter could be added and that would get
1) a per-user log file
2) that doesn't have the "anyone can look at it" security problem so
we could enable logging again
3) and that most users will forget about, fill up their hard drive if
logging is enabled and cause who-knows-what problems.
which takes care of .. 80% of the problem?

> Or, if Windows doesn't allow that, include an explanation
> screen during install?

Are you offering to write this?

You'll notice that I didn't actually explain anything in FAQ for how
to fix windows file permissions - just showed an example of how to
"use the windows equivalent of sudo" and an example of using icacls to
fix individual file permissions problems.  Cargo cult documentation at
it's finest :)

> I feel like the 'out of the box' experience should work without
> the user having to know this.

Are you offering?

I can take a look at adding a --logdir command line param - that seems
like something I can do.
Adding an include directive to the config file processing seems a bit
much for me :(
as does interpreting %evar% directives in the config file

and as we've already seen, I think explaining windows file permissions
to users is beyond me.

Regards,
Lee