I have a partial fix for this, which is to say I have a ridiculous hack, but it is better than making the LoggingData folder writable by anyone on every computer.
1. Create a network share on a Windows file server somewhere, call it something like:
\\server\share\fixforAlice
2. For the folder "FixforAlice", go to Properties -> Security -> Advanced -> Change Permissions ->
Add "Everyone", applying to "This folder, subfolder, and files"
NO - Full Control
NO - Traverse/Execute
Yes - List/Read
Yes - Read Attributes
Yes - Read Extended Attributes
Yes - Create files / write data
NO - Create folders / append data
Yes - Write Attributes
Yes - Write Extended Attributes
NO - Delete subfolders and files
NO - Delete
Yes - Read permissions
NO - Change permissions
NO - Take ownership
This allows the program to write log files but users can't run programs from here or delete anything they put here.
3. Assuming C:\Program Files
open Command prompt, run as Administrator (if UAC is active)
cd C:\Program Files\Alice ....
cd Required
rd LoggingData
mklink /D LoggingData "\\server\share\fixforAlice"
========================
Now when any program tries to access
- "C:\Program Files\Alice 2.2b\Required\Logging Data"
It is instead redirected to:
- "\\server\share\fixforAlice"
And the permissions limit what students can do with that share, and prevent deletion of files if any students try to put their own files in there.
The downside is that the logs keep on accumulating but fortunately they are only a few kilobytes each.
If you want to go further, you can apply a directory quota on the share so that it cannot store more than a few megabytes. Looking at the log file sizes, setting the share's maximum size to 1-2 megs should get you through the year.