Hi,
I want to ask a question.
How to assure that a created file is deleted on restart?
I want it to be done at filter driver.
I know at application level we have got Pending Rename Operations to
acheive the same.
Thanks,
Rohit
If you need not assure that no data leaks (from accessing the disk
directly), then you can just add the FILE_FLAG_DELETE_ON_CLOSE bit.
This won’t handle crashes, but it would suite you.
If you need to assure that no data leaks, then, do the above, just
encrypt the on disk data, with randomly generated password, so that
noone can guess it.
Rohit wrote:
Hi,
I want to ask a question.How to assure that a created file is deleted on restart?
I want it to be done at filter driver.
I know at application level we have got Pending Rename Operations to
acheive the same.Thanks,
Rohit
You are currently subscribed to ntfsd as: xxxxx@alfasp.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
Hi,
Isn’t there a solution where file is deleted on reboot, but the method
also works in the case of power off(crashes).
Thanks
Lalit.
From user mode you can use the MoveFileEx API to mark a file to be
deleted next time the computer starts up. MoveFileEx works by setting
some registry entries - from kernel-mode, you can make these registry
entries directly and have the same effect. See the MSDN docs on this API
for details.
- Nick Ryan
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Lalit S. Rana
Sent: Friday, June 06, 2003 10:47 AM
To: File Systems Developers
Subject: [ntfsd] Re: Deletion of Created files on RestartHi,
Isn’t there a solution where file is deleted on reboot, but
the method also works in the case of power off(crashes). Thanks Lalit.
You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Hi Nick,
This is known to me, the pending rename operations are not very robust a
solution. Isn’t there something from the Kernel level that we can do to
delete the files on restart.
Thanks,
Lalit
? Tell me how this is not a robust solution. These keys are in
HKEY_LOCAL_SYSTEM so they are protected against non-administrator
meddling. If you want the files to ‘magically’ disappear in the event of
system crash BEFORE the computer boots up again, you are asking the
impossible. Encrypt them with a random key (stored only in memory) like
I think Dejan suggested, and the file’s data will be forever
unretrievable upon restart. Or use a ram disk.
- Nick Ryan
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Lalit S. Rana
Sent: Friday, June 06, 2003 11:13 AM
To: File Systems Developers
Subject: [ntfsd] Re: Deletion of Created files on RestartHi Nick,
This is known to me, the pending rename operations are not
very robust a solution. Isn’t there something from the Kernel
level that we can do to delete the files on restart. Thanks, Lalit
You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Hi Rohit.
I had posted a similar question in this list but got no good solution.
If you get any then apprise me of that.
Thanks.
Lalit…
I wish to delete(on reboot) all the files & folders which are newly
created on a specific session.
I have thought the following views to do it.
1). Using wininit or winbatch to rename the file to NUL, so that the
files are deleted automatically on reboot.
2). To open a handle of each created file with delete on close tag and
not closing these handles until the system is restarted.
3) I should maintain a linked list and on SHUTDOWN delete all the newly
created file.
I think the third method is the best but it will not work if the user
does power off instead of proper shutdown, same problem may come in the
second case. In the first case a user can change the entry of wininit
to disable deletion. Doesn’t windows provide a tag for new created
files which indicates that the files should be deleted on shutdown or
on restart.
Just do what you’re asking for. If they are bundled in a folder,
ZwQueryDirectoryFile + ZwCreateFile + DELETE_ON_CLOSE will do it.
----- Original Message -----
From: “Lalit S. Rana”
To: “File Systems Developers”
Sent: Friday, June 06, 2003 7:46 PM
Subject: [ntfsd] Re: Deletion of Created files on Restart
> Hi,
> Isn’t there a solution where file is deleted on reboot, but the method
> also works in the case of power off(crashes).
> Thanks
> Lalit.
>
> —
> You are currently subscribed to ntfsd as: xxxxx@linkwave.org
> To unsubscribe send a blank email to xxxxx@lists.osr.com
The MoveFileEx with the delete on reboot flag would work - but it can
be overcome.
Like I said, if your main goal is security, use encryption! If it’s
just a feature of your program, no need for fail safe security, then just
use your program to erase the files.
Isn’t there a solution where file is deleted on reboot, but the method
also works in the case of power off(crashes).
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
Is this method Crash Proof.
i.e. Power off will also delete the files.
Lalit.
“Tobias” wrote in message news:xxxxx@ntfsd…
>
> Just do what you’re asking for. If they are bundled in a folder,
> ZwQueryDirectoryFile + ZwCreateFile + DELETE_ON_CLOSE will do it.
>
> ----- Original Message -----
> From: “Lalit S. Rana”
> To: “File Systems Developers”
> Sent: Friday, June 06, 2003 7:46 PM
> Subject: [ntfsd] Re: Deletion of Created files on Restart
>
>
> > Hi,
> > Isn’t there a solution where file is deleted on reboot, but the method
> > also works in the case of power off(crashes).
> > Thanks
> > Lalit.
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@linkwave.org
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>
>
What is the basic functionality of delete on close.
The documentation says when the last handle to the file is lost the file
gets deleted. Doesn’t power off means losing the handle.
Lalit
“Dejan Maksimovic” wrote in message news:xxxxx@ntfsd…
>
>
> If you need not assure that no data leaks (from accessing the disk
> directly), then you can just add the FILE_FLAG_DELETE_ON_CLOSE bit.
> This won’t handle crashes, but it would suite you.
> If you need to assure that no data leaks, then, do the above, just
> encrypt the on disk data, with randomly generated password, so that
> noone can guess it.
>
> Rohit wrote:
>
> > Hi,
> > I want to ask a question.
> >
> > How to assure that a created file is deleted on restart?
> >
> > I want it to be done at filter driver.
> > I know at application level we have got Pending Rename Operations to
> > acheive the same.
> >
> > Thanks,
> > Rohit
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@alfasp.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> –
> Kind regards, Dejan M. MVP for DDK
> http://www.alfasp.com E-mail: xxxxx@alfasp.com
> Alfa Transparent File Encryptor - Transparent file encryption services.
> Alfa File Protector - File protection and hiding library for Win32
> developers.
> Alfa File Monitor - File monitoring library for Win32 developers.
>
>
>
>
>
Yes, it is not crash proof.
There is no way you can assure file name is deleted in case of crash. The
best you can do is make sure the data is useless, and try to “hide” the file
by deleting it from your application on next boot.
“Lalit S. Rana” wrote:
What is the basic functionality of delete on close.
The documentation says when the last handle to the file is lost the file
gets deleted. Doesn’t power off means losing the handle.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
Is deleting files/folders manually at boot time crash proof? Yes, it is.
----- Original Message -----
From: “Lalit S. Rana”
Newsgroups: ntfsd
To: “File Systems Developers”
Sent: Saturday, June 07, 2003 7:22 PM
Subject: [ntfsd] Re: Deletion of Created files on Restart
> Is this method Crash Proof.
> i.e. Power off will also delete the files.
>
> Lalit.
>
> “Tobias” wrote in message news:xxxxx@ntfsd…
> >
> > Just do what you’re asking for. If they are bundled in a folder,
> > ZwQueryDirectoryFile + ZwCreateFile + DELETE_ON_CLOSE will do it.