How can I create non-secure device object using RxRegisterMinirdr ?

I’m trying to have a non-admin user mode application send ioctls to a
FSD I’ve created using RDR. But when I use RxRegisterMinirdr the device
object that is created is secure and hence a non-admin user cannot send
ioctls to it. I know I’m taking a risk by having my device object be
open to malicious apps, but, how can I make the device object non-secure
? I don’t want to create another device object only for user-mode unless
that is my only option. Is there a flag or any other function that I can
use to make it *non-secure* ? Here is my call

status = RxRegisterMinirdr (&obj,

drv,

ops,

flags,

&name,

size,

FILE_DEVICE_NETWORK_FILE_SYSTEM,

FILE_REMOTE_DEVICE);

Thanks for any help or any pointers to information related to this.

Nope. That’s a hard coded ACL in the I/O Manager. The preferred
architecture for what you are trying to do is to set up a *service*.
Have the mortal user communicate with the service and have the service
send IOCTLs to your redirector.

Regards,

Tony

Tony Mason

Consulting Partner

OSR Open Systems Resources, Inc.

http://www.osr.com

Looking forward to seeing you at the next OSR File Systems class in
Boston, MA April 18-21, 2006.


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Amitabh Mathrawala
Sent: Wednesday, March 22, 2006 5:56 PM
To: ntfsd redirect
Subject: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

I’m trying to have a non-admin user mode application send ioctls to a
FSD I’ve created using RDR. But when I use RxRegisterMinirdr the device
object that is created is secure and hence a non-admin user cannot send
ioctls to it. I know I’m taking a risk by having my device object be
open to malicious apps, but, how can I make the device object non-secure
? I don’t want to create another device object only for user-mode unless
that is my only option. Is there a flag or any other function that I can
use to make it *non-secure* ? Here is my call

status = RxRegisterMinirdr (&obj,

drv,

ops,

flags,

&name,

size,

FILE_DEVICE_NETWORK_FILE_SYSTEM,

FILE_REMOTE_DEVICE);

Thanks for any help or any pointers to information related to this.


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

I understand that I am not following the preferred architecture. We have
a short release cycle and the only way to increase performance is to
trade off security. Making it a service will cause interprocess
communication which may decrease performance.

Do you think I could change the DACL of the device object and add the
everyone-RW SID to it and achieve my goal that way ?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
Sent: Wednesday, March 22, 2006 3:47 PM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

Nope. That’s a hard coded ACL in the I/O Manager. The preferred
architecture for what you are trying to do is to set up a *service*.
Have the mortal user communicate with the service and have the service
send IOCTLs to your redirector.

Regards,

Tony

Tony Mason

Consulting Partner

OSR Open Systems Resources, Inc.

http://www.osr.com

Looking forward to seeing you at the next OSR File Systems class in
Boston, MA April 18-21, 2006.


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Amitabh Mathrawala
Sent: Wednesday, March 22, 2006 5:56 PM
To: ntfsd redirect
Subject: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

I’m trying to have a non-admin user mode application send ioctls to a
FSD I’ve created using RDR. But when I use RxRegisterMinirdr the device
object that is created is secure and hence a non-admin user cannot send
ioctls to it. I know I’m taking a risk by having my device object be
open to malicious apps, but, how can I make the device object non-secure
? I don’t want to create another device object only for user-mode unless
that is my only option. Is there a flag or any other function that I can
use to make it *non-secure* ? Here is my call

status = RxRegisterMinirdr (&obj,

drv,

ops,

flags,

&name,

size,

FILE_DEVICE_NETWORK_FILE_SYSTEM,

FILE_REMOTE_DEVICE);

Thanks for any help or any pointers to information related to this.


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com

There is no documented way from kernel mode to change the DACL on your
device object (the APIs needed are not documented.) It’s pretty close,
but it isn’t quite documented. You could have a service (in UM) start
and change it (using UM APIs.)

I tried to write an article describing how to do this in W2K3 and found
there is exactly ONE missing API - see I believe that the ACLs on
devices should be as tight as one can make it. *I* like using a
dedicated service, in a dedicated service account, talking to my control
object that has an ACL that restricts access to only the dedicated
service account. Think of it as surface area reduction.

Ah, but I digress (a bad habit I’ve picked up in my old age.) If you
look at DeviceObject->SecurityDescriptor you’ll notice that is the SD on
your device. There’s no way to safely modify it and interlock against
other callers modifying it simultaneously. We’re just missing one API
to do it correctly.

Regards,

Tony

Tony Mason

Consulting Partner

OSR Open Systems Resources, Inc.

http://www.osr.com

Looking forward to seeing you at the next OSR File Systems class in
Boston, MA April 18-21, 2006.


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Amitabh Mathrawala
Sent: Wednesday, March 22, 2006 7:20 PM
To: ntfsd redirect
Subject: RE: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

I understand that I am not following the preferred architecture. We have
a short release cycle and the only way to increase performance is to
trade off security. Making it a service will cause interprocess
communication which may decrease performance.

Do you think I could change the DACL of the device object and add the
everyone-RW SID to it and achieve my goal that way ?

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Tony Mason
Sent: Wednesday, March 22, 2006 3:47 PM
To: Windows File Systems Devs Interest List
Subject: RE: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

Nope. That’s a hard coded ACL in the I/O Manager. The preferred
architecture for what you are trying to do is to set up a *service*.
Have the mortal user communicate with the service and have the service
send IOCTLs to your redirector.

Regards,

Tony

Tony Mason

Consulting Partner

OSR Open Systems Resources, Inc.

http://www.osr.com

Looking forward to seeing you at the next OSR File Systems class in
Boston, MA April 18-21, 2006.


From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Amitabh Mathrawala
Sent: Wednesday, March 22, 2006 5:56 PM
To: ntfsd redirect
Subject: [ntfsd] How can I create non-secure device object using
RxRegisterMinirdr ?

I’m trying to have a non-admin user mode application send ioctls to a
FSD I’ve created using RDR. But when I use RxRegisterMinirdr the device
object that is created is secure and hence a non-admin user cannot send
ioctls to it. I know I’m taking a risk by having my device object be
open to malicious apps, but, how can I make the device object non-secure
? I don’t want to create another device object only for user-mode unless
that is my only option. Is there a flag or any other function that I can
use to make it *non-secure* ? Here is my call

status = RxRegisterMinirdr (&obj,

drv,

ops,

flags,

&name,

size,

FILE_DEVICE_NETWORK_FILE_SYSTEM,

FILE_REMOTE_DEVICE);

Thanks for any help or any pointers to information related to this.


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com


Questions? First check the IFS FAQ at
https://www.osronline.com/article.cfm?id=17

You are currently subscribed to ntfsd as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com