Routines manipulating these fields are : IoSetShareAccess,
IoUpdateShareAccess, IoCheckShareAccess and
IoRemoveShareAccess. These are called by the FSD.
So if you look at file object before passing the request
to the FSD fields like ReadAccess or SharedRead are
always not properly set.
Paul
-----P?vodn? zpr?va-----
Od: xxxxx@erinet.com [SMTP:xxxxx@erinet.com]
Odesl?no: 2. kv?tna 2000 13:37
Komu: File Systems Developers
P?edm?t: [ntfsd] how to obtain requestor’s intended operation
Hi all,
When intercept a file open request, if I look at the file object fields
got
through SoftIce, the following seems always FALSE.
ReadAccess, WriteAccess, DeleteAccess, SharedRead,
SharedWrite,SharedDelte.
I open the file with GENERAL_READ through CreateFile win32 API.
Am I looking the wrong place to detect the intended user operation mode ?
Thanx,
Jack Cheng
(Curriculum Corp.)
You are currently subscribed to ntfsd as: xxxxx@sodatsw.cz
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
Thanks for the reply ! One more question hope you don’t mind,
Does this mean that I can check it using completion routine for
IRP_MJ_CREATE?
Thanks again,
Jack
(Curriculum Corp.)
On Tue, 2 May 2000, Pavel Hrdina wrote:
Routines manipulating these fields are : IoSetShareAccess,
IoUpdateShareAccess, IoCheckShareAccess and
IoRemoveShareAccess. These are called by the FSD.
So if you look at file object before passing the request
to the FSD fields like ReadAccess or SharedRead are
always not properly set.
Paul
> -----P?vodn? zpr?va-----
> Od: xxxxx@erinet.com [SMTP:xxxxx@erinet.com]
> Odesl?no: 2. kv?tna 2000 13:37
> Komu: File Systems Developers
> P?edm?t: [ntfsd] how to obtain requestor’s intended operation
>
> Hi all,
>
> When intercept a file open request, if I look at the file object fields
> got
> through SoftIce, the following seems always FALSE.
>
> ReadAccess, WriteAccess, DeleteAccess, SharedRead,
> SharedWrite,SharedDelte.
>
> I open the file with GENERAL_READ through CreateFile win32 API.
>
> Am I looking the wrong place to detect the intended user operation mode ?
>
> Thanx,
>
> Jack Cheng
> (Curriculum Corp.)
>
> —
> You are currently subscribed to ntfsd as: xxxxx@sodatsw.cz
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
You are currently subscribed to ntfsd as: xxxxx@erinet.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
If you only want to know user’s desired access at the time before
you pass the request to the underlying FSD try to look at
current Irp stack location ->Parameters.Create.SecurityContext.
There is a filed called DesiredAccess which you’re probably looking for.
Paul
Thanks Paul, that is very helpful information !
Jack
On Tue, 2 May 2000, Pavel Hrdina wrote:
If you only want to know user’s desired access at the time before
you pass the request to the underlying FSD try to look at
current Irp stack location ->Parameters.Create.SecurityContext.
There is a filed called DesiredAccess which you’re probably looking for.
Paul
You are currently subscribed to ntfsd as: xxxxx@erinet.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)