Windows: Allow normal (non-elevated) programs to write to Program Files directory

I am tired of old applications behaving strangely because they cannot write to the "Program Files" directory. I don't want to have to manually set them to run as administrator, and I am not particularly concerned about security--in addition to trusting the applications I run, I only ever boot into Windows to run games (so the partition doesn't contain any valuable data), and I usually end up reinstalling Windows every couple of months anyway.

How can I make Program Files and Program Files (x86) into normal directories (from a permissions perspective) that every application is able to write to, regardless of permissions?

I happen to be running Windows 10 at the moment, but ideally I'd like to know how to do this on 8/7/Vista as well, for future reference.

Edit: I should note that I happen to be using an enterprise edition of Windows 10, so I can modify group policies or whatever else if need be.


You can get applications to write to Program Files by changing the folder's security settings.

  1. Go to properties and select the Security tab.
  2. Click Advanced.

    enter image description here

  3. Change ownership to your own account instead of TrustedInstaller, and let it propagate. This allows you to add yourself to the list of principals.
  4. Click 'Add' and type your username, press 'Check names' and it autocorrects.

Now you can add 'Full control' for your username, and all applications you run should be able to write to this folder and its subfolders.

This helped me get Chrome to save OpenVPN profiles directly to its install directory.


Due to security features introduced with Windows Vista (UAC) any non-Administrator program that tries to write to protected locations such as "Program Files" will get their writes caught and redirected to an alternative "user friendly" location.

Wikipedia states (and I've highlighted the relevant section):

Applications written with the assumption that the user will be running with administrator privileges experienced problems in earlier versions of Windows when run from limited user accounts, often because they attempted to write to machine-wide or system directories (such as Program Files) or registry keys (notably HKLM). UAC attempts to alleviate this using File and Registry Virtualization, which redirects writes (and subsequent reads) to a per-user location within the user’s profile. For example, if an application attempts to write to “C:\program files\appname\settings.ini” and the user doesn’t have permissions to write to that directory, the write will get redirected to “C:\Users\username\AppData\Local\VirtualStore\Program Files\appname\settings.ini”.

This just isn't something you can't change. This is intentional.