I got the following info from IFS kit.
“Because a filter device object is attached to a file
system or volume driver stack, assigning a name to the
filter DO would create a system security hole.”
What kind of security hole will be created if I name
the filter DO?
Thanks.
Michael
Post your free ad now! http://personals.yahoo.ca
The documentation you are talking about refers to creating a “Volume
Device Object” (VDO) that a filter uses to attach to volumes and file
system control device objects (CDO). These device objects should never
be named.
Naming them gives an alternate way of accessing a volume which is
unintended and could cause security issues. Please follow the rules.
The control device object (CDO) for the filter itself should be named.
Unless you have a good reason not to do this you should also specify the
FILE_DEVICE_SECURE_OPEN flag when creating a filters CDO, this prevents
non-admins from being able to open it.
When in doubt about these types of issues please follow what the IFSKit
samples do.
Did this answer your question?
Neal Christiansen
Microsoft File System Filter Group Lead
This posting is provided “AS IS” with no warranties, and confers no
rights.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Michael Zhu
Sent: Thursday, July 15, 2004 1:56 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Filter device object name
I got the following info from IFS kit.
“Because a filter device object is attached to a file
system or volume driver stack, assigning a name to the
filter DO would create a system security hole.”
What kind of security hole will be created if I name
the filter DO?
Thanks.
Michael
Post your free ad now! http://personals.yahoo.ca
Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17
You are currently subscribed to ntfsd as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com