Just note to your code setting the security information - you don’t need to set all four security information classes separately; you can do the in single call, using OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION.
Is it necessary to do anything special with encrypted files? In usermode advapi32 exports DuplicateEncryptionInfoFile. Does that need to be done and if so, how do you know when to do it?
Yes, it’s necessary to do special things with encrypted files.
Now - what are you asking? Copying an encrypted file from a driver? If so,
in what context? Decrypting the file? Trying to access advapi32 from
kernel mode?
What’s your question?
Ken
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@charter.net
Sent: Monday, April 12, 2010 7:36 PM
To: Windows File Systems Devs Interest List
Subject: RE:[ntfsd] Copy file from one location to other
Is it necessary to do anything special with encrypted files? In usermode
advapi32 exports DuplicateEncryptionInfoFile. Does that need to be done and
if so, how do you know when to do it?
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Well, Ken, the thread is about copying a file in a driver. So, yes, suppose I have a copy-on-write scenario, I am a filter driver, and the file is an encrypted file. I need to replicate the file to a different volume, which may or may not support the EFS in question. Besides copying all the bits in all the streams, EAs, attributes, and possibly the SD what else do I need to do specifically to handle an encrypted file. I basically want to ensure I don’t break anything by not copying or setting the write properties.
I think this thread has covered all the other aspects of copying the file. If not the other tasks are clear to me than this one.
Copying encrypted files is messy, and very difficult in a driver. Hence the
questions.
If the driver is running in the context of the file owner, then you’ll get
the data unencrypted so you can copy the file to the “different volume,
which may or may not support the EFS in question”.
A user-mode process with appropriate privileges (SeBackupPrivilege and
SeRestorePrivilege) can use special routines like OpenEncryptedFileRaw,
ReadEncryptedFileRaw, and WriteEncryptedFileRaw to actually copy the
encrypted data to another volume. It won’t be readable on that volume, but
you would be able to restore that file and read it if it’s for backup
purposes.
If you want the unencrypted data and you’re not in the owner’s context,
you’ll have to impersonate the owner and copy it that way.
So basically, although “the thread is about copying a file in a driver”, you
may have to do something outside the driver to accomplish what you want.
Ken
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@charter.net
Sent: Tuesday, April 13, 2010 8:38 AM
To: Windows File Systems Devs Interest List
Subject: RE:[ntfsd] Copy file from one location to other
Well, Ken, the thread is about copying a file in a driver. So, yes, suppose
I have a copy-on-write scenario, I am a filter driver, and the file is an
encrypted file. I need to replicate the file to a different volume, which
may or may not support the EFS in question. Besides copying all the bits in
all the streams, EAs, attributes, and possibly the SD what else do I need to
do specifically to handle an encrypted file. I basically want to ensure I
don’t break anything by not copying or setting the write properties.
I think this thread has covered all the other aspects of copying the file.
If not the other tasks are clear to me than this one.
NTFSD is sponsored by OSR
For our schedule of debugging and file system seminars
(including our new fs mini-filter seminar) visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer