access validation

Is it sufficient to validate access rights, only in create(MJ_CREATE) path?
Do I need to check in all other path like MJ_READ,MJ_WRITE, etc.,.

You should only do it in create. If the user can’t open the file, he
generally can’t do anything else with it (with a very few exceptions,
such as destructive rename).

  • Nicholas Ryan

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ramaraj Pandian
Sent: Monday, March 31, 2003 5:42 PM
To: File Systems Developers
Subject: [ntfsd] access validation

Is it sufficient to validate access rights, only in
create(MJ_CREATE) path? Do I need to check in all other path
like MJ_READ,MJ_WRITE, etc.,.


You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Thanks Nicholas, Do you mean MJ_SET_INFO with rename class?. How can I
validate access for that?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Nicholas Ryan
Sent: Monday, March 31, 2003 6:11 PM
To: File Systems Developers
Subject: [ntfsd] RE: access validation

You should only do it in create. If the user can’t open the file, he
generally can’t do anything else with it (with a very few exceptions,
such as destructive rename).

  • Nicholas Ryan

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ramaraj Pandian
Sent: Monday, March 31, 2003 5:42 PM
To: File Systems Developers
Subject: [ntfsd] access validation

Is it sufficient to validate access rights, only in
create(MJ_CREATE) path? Do I need to check in all other path
like MJ_READ,MJ_WRITE, etc.,.


You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com


You are currently subscribed to ntfsd as: xxxxx@vormetric.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

If somebody’s trying to rename over your file and the ‘ReplaceIfExists’
member of the FILE_RENAME_INFORMATION is TRUE, then you’ve got to block
that operation if you don’t want your file to be deleted. At least with
FastFat, the target file is replaced by the filesystem without a handle
being opened to that file first.

  • Nicholas Ryan

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ramaraj Pandian
Sent: Monday, March 31, 2003 6:42 PM
To: File Systems Developers
Subject: [ntfsd] RE: access validation

Thanks Nicholas, Do you mean MJ_SET_INFO with rename class?.
How can I validate access for that?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On > Behalf Of
Nicholas Ryan
Sent: Monday, March 31, 2003 6:11 PM
To: File Systems Developers
Subject: [ntfsd] RE: access validation

You should only do it in create. If the user can’t open the
file, he generally can’t do anything else with it (with a
very few exceptions, such as destructive rename).

  • Nicholas Ryan

> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of
Ramaraj Pandian
> Sent: Monday, March 31, 2003 5:42 PM
> To: File Systems Developers
> Subject: [ntfsd] access validation
>
>
> Is it sufficient to validate access rights, only in
> create(MJ_CREATE) path? Do I need to check in all other path like
> MJ_READ,MJ_WRITE, etc.,.
>
>
>
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@nryan.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>


You are currently subscribed to ntfsd as:
xxxxx@vormetric.com To unsubscribe send a blank email to
xxxxx@lists.osr.com


You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

>Is it sufficient to validate access rights, only in create(MJ_CREATE)

path?
Do I need to check in all other path like MJ_READ,MJ_WRITE, etc.,.

User specifies DesiredAccess during create. This DesiredAccess is
validated by File System checking file properties and user security.
Following operations like read, write are validated against requested
DesiredAccess, not user access rights. This validation is preformed by
IoManager, file system should not worry about it. Actually file opened for
ReadOnly access may recieve PagingIO write request and file system
shouldn’t deny it.
Actually there are some exceptions when file system validates FSCTL in
addition to validation based on DesiredAccess that is done by IoManager.

Alexei.