Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTFSD
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Security object problem (STATUS_INVALID_OWNER)

Santiago_NavarroSantiago_Navarro Member Posts: 90
Hi all,

I get STATUS_INVALID_OWNER trying to create a file using the security descriptor of another (so the security properties are the same).

The scenario is more or less like this. Lets say I am trying to create a sort of backup file for each file opened by Excel with write access, so when Excel opens a file A with write access, my minifilter creates a file B in a specific folder and it is created using the security descriptor of the source file A. The error appears with ".odf" extension.
To retrieve the security descriptor I use the following code:

auxSt = ObGetObjectSecurity(tFObj, &secDescriptor, &memAllocated);
And "secDescriptor" is passed to "InitializeObjectAttributes".

I can reproduce the same error using "FltSetSecurityObject" once the file was created with no security information (NULL). The routine called is the following:

FltSetSecurityObject(vInst, vAuxFObj, securityInformation, secDescriptor);
where securityInformation is DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | OWNER_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION;
and secDescriptor is retrieved using "ObGetObjectSecurity".

If I modify the security information to copy, as securityInformation = DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION, no error occurs.

Could anyone please explain me what is going on?
What is the difference between performing the action copying OWNER_SECURITY_INFORMATION and not copying it?
Is the destination folder permissions of the file being created somehow related to this error?

Thanks in advance!

Comments

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA