Hi all,
I get STATUS_INVALID_OWNER trying to create a file using the security descriptor of another (so the security properties are the same).
The scenario is more or less like this. Lets say I am trying to create a sort of backup file for each file opened by Excel with write access, so when Excel opens a file A with write access, my minifilter creates a file B in a specific folder and it is created using the security descriptor of the source file A. The error appears with “.odf” extension.
To retrieve the security descriptor I use the following code:
auxSt = ObGetObjectSecurity(tFObj, &secDescriptor, &memAllocated);
And “secDescriptor” is passed to “InitializeObjectAttributes”.
I can reproduce the same error using “FltSetSecurityObject” once the file was created with no security information (NULL). The routine called is the following:
FltSetSecurityObject(vInst, vAuxFObj, securityInformation, secDescriptor);
where securityInformation is DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | OWNER_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION;
and secDescriptor is retrieved using “ObGetObjectSecurity”.
If I modify the security information to copy, as securityInformation = DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION, no error occurs.
Could anyone please explain me what is going on?
What is the difference between performing the action copying OWNER_SECURITY_INFORMATION and not copying it?
Is the destination folder permissions of the file being created somehow related to this error?
Thanks in advance!