I guess my other post was deleted for being a little too general, so I’ve refined it below:
The thing to do is make a custom action. It’s pretty straightforward, check out the MSDN walkthrough for writing a C# custom action here. You’ll put your permission-changing code inside the Install method:
Follow the first few steps from the link to get a new installer project referenced from your installer solution. You have to do it this way, so you can build a dll that is called at the end of installation.
Actually setting read/write privileges for Users was a little trickier, and the closest I could get was to set for Authenticated Users. I cobbled together a few other solutions I found on the Internet to come up with this:
public override void Install(IDictionary stateSaver)
{
// This gets the named parameters passed in from your custom action
string folder = Context.Parameters["folder"];
// This gets the "Authenticated Users" group, no matter what it's called
SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
// Create the rules
FileSystemAccessRule writerule = new FileSystemAccessRule(sid, FileSystemRights.Write, AccessControlType.Allow);
if (!string.IsNullOrEmpty(folder) && Directory.Exists(folder))
{
// Get your file's ACL
DirectorySecurity fsecurity = Directory.GetAccessControl(folder);
// Add the new rule to the ACL
fsecurity.AddAccessRule(writerule);
// Set the ACL back to the file
Directory.SetAccessControl(folder, fsecurity);
}
// Explicitly call the overriden method to properly return control to the installer
base.Install(stateSaver);
}
Then, when you create your custom action, edit its properties, and add something like this under the CustomActionData property:
/folder="[CommonAppDataFolder][ProductName]"