Can anyone tell me how do protect a word file (*.doc) from being writed ? If
I only intercept IRP_MJ_WRITE and IRP_MJ_SET_INFORMATION by comparing
filename£¬I cann’t block my *.doc files from being writed.
Any help is appreciated
thanks
slummer
i thought the easiest is to block any create to the doc if it requests for
write access?
Ampsi
----- Original Message -----
From: “slummer”
Newsgroups: ntfsd
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, October 15, 2003 11:49
Subject: [ntfsd] How do protect a word file from being writed ?
Can anyone tell me how do protect a word file (*.doc) from being writed ? If
I only intercept IRP_MJ_WRITE and IRP_MJ_SET_INFORMATION by comparing
filename£¬I cann’t block my *.doc files from being writed.
Any help is appreciated
thanks
slummer
—
You are currently subscribed to ntfsd as: xxxxx@hotmail.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
> i thought the easiest is to block any create to the doc
if it requests for
write access?
No. MS-Office applications (and not only they) first create a TMP
file, save the content of the document into it, then rename the
temp file to the DOC.
I think to protect the DOC files, you have to block writes into
DOCs and renames to DOCs.
L.
–
Potrebujete vice prostoru pro vase stranky?
Ptejte se na http://sluzby.volny.cz/cs/product/ftp_paid
Ladislav Zezula:
Thank u for the responses! You suggest me blocking writes into DOCs and renames to DOCs, but i intercept irp by comparing filename, if I block writes into DOCs and renames to DOCs, I cann’t get the TMP filename.Can u tell me some other ways?
thanks
slummer
----- Original Message -----
From: “Ladislav Zezula”
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, October 15, 2003 4:00 PM
Subject: [ntfsd] Re: How do protect a word file from being writed ?
> > i thought the easiest is to block any create to the doc
> > if it requests for
> > write access?
>
> No. MS-Office applications (and not only they) first create a TMP
> file, save the content of the document into it, then rename the
> temp file to the DOC.
>
> I think to protect the DOC files, you have to block writes into
> DOCs and renames to DOCs.
>
> L.
>
>
> –
> Potrebujete vice prostoru pro vase stranky?
> Ptejte se na http://sluzby.volny.cz/cs/product/ftp_paid
>
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@hotmail.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> writes into DOCs and renames to DOCs, but i intercept
irp by comparing filename, if I block writes into DOCs
and renames to DOCs, I cann’t get the TMP filename.Can
u tell me some other ways?
You can block renames when the target file is a DOC.
In IRP_MJ_SET_INFORMATION, there is a parameters block inside
IO_STACK_LOCATION, which contains the file object of the target
file. If its name is a DOC, you have to return
STATUS_ACCESS_DENIED. This should be enough for blocking DOCs.
You have to keep blocking of IRP_MJ_WRITE as well. Or you can
decide to deny opening DOC files for write access (which is, by
my opinion, a better nethod).
L.
–
Potrebujete vice prostoru pro vase stranky?
Ptejte se na http://sluzby.volny.cz/cs/product/ftp_paid
although word saves first to tmp files then rename to doc files, there is a
possible scenario where blocking write access in create may just prevent
Word from performing the rename. if Word checks whether the file is writable
first by trying to open it with write access before renaming, this might
just do the trick.
another way i can think of is to set the doc file as read-only in all
creates to the doc file. in this case, the rename should fail because the
destination file is read-only.
of course, this are just my “simple” suggestions. nothing beats the blocking
of writes and renames to doc files, but this will require file tracking and
rename handling, both very complicated tasks…
Ampsi
----- Original Message -----
From: “Ladislav Zezula”
To: “Windows File Systems Devs Interest List”
Sent: Wednesday, October 15, 2003 16:00
Subject: [ntfsd] Re: How do protect a word file from being writed ?
> i thought the easiest is to block any create to the doc
> if it requests for
> write access?
No. MS-Office applications (and not only they) first create a TMP
file, save the content of the document into it, then rename the
temp file to the DOC.
I think to protect the DOC files, you have to block writes into
DOCs and renames to DOCs.
L.
–
Potrebujete vice prostoru pro vase stranky?
Ptejte se na http://sluzby.volny.cz/cs/product/ftp_paid
—
You are currently subscribed to ntfsd as: xxxxx@hotmail.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Ampsi Ho:
Thanks for your helps,Can u tell me how to set the doc file as read-only in all creates to the doc file?
Thanks again
slummer
Why are you trying to do this in a FSD? Why aren’t you just using ACLs,
as they were designed, implemented, and tested? This seems like it adds
no value at all to the system, and requires you to do a lot of work,
just to get a very specialized, broken version of ACLs.
And why does everyone, in general, hate Word files?
– arlie
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of dwg
Sent: Thursday, October 16, 2003 10:15 PM
To: Windows File Systems Devs Interest List
Subject: [ntfsd] Re: How do protect a word file from being writed ?
Ampsi Ho:
Thanks for your helps,Can u tell me how to set the doc file as
read-only in all creates to the doc file?
Thanks again
slummer
b??.???????&?v?‘??jƫ-’???b?櫢???칻?&ޱ??i?Z?G?j)m?W???~?u???
X???,??&
There’s a good reason why someone would want a FSFD to do this and not
ACLs - simple reason is DRM.
I didn’t think people hate DOC files - I wouldn’t know why either.
Regards, Dejan.
Arlie Davis wrote:
Why are you trying to do this in a FSD? Why aren’t you just using ACLs,
as they were designed, implemented, and tested? This seems like it adds
no value at all to the system, and requires you to do a lot of work, just
to get a very specialized, broken version of ACLs.And why does everyone, in general, hate Word files?
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
Dejan :
Thanks !
Can u tell me how to set the doc file as read-only in all creates to the doc
file?
“Maksimovic” wrote in message news:xxxxx@ntfsd…
>
>
> There’s a good reason why someone would want a FSFD to do this and not
> ACLs - simple reason is DRM.
> I didn’t think people hate DOC files - I wouldn’t know why either.
>
> Regards, Dejan.
>
> Arlie Davis wrote:
>
> > Why are you trying to do this in a FSD? Why aren’t you just using ACLs,
> > as they were designed, implemented, and tested? This seems like it adds
> > no value at all to the system, and requires you to do a lot of work,
just
> > to get a very specialized, broken version of ACLs.
> >
> > And why does everyone, in general, hate Word files?
>
> –
> Kind regards, Dejan M. MVP for DDK
> http://www.alfasp.com E-mail: xxxxx@alfasp.com
> Alfa Transparent File Encryptor - Transparent file encryption services.
> Alfa File Protector - File protection and hiding library for Win32
> developers.
> Alfa File Monitor - File monitoring library for Win32 developers.
>
>
>
>
The “bad” way is to just change access rights requested not to include WRITE
access - any write to the file would fail then. Disabling DELETE access would
prevent rename to that file. This is a bad way as you tell the caller he gets
the requested rights, but he doesn’t really have them.
The good way is to tell Access Denied in Create should the caller request
Write access. This will work correctly for Word, as Word will retry to open the
file in read-only mode.
What are you trying to accomplish as the end task?
Regards, Dejan.
slummer wrote:
Dejan :
Thanks !
Can u tell me how to set the doc file as read-only in all creates to the doc
file?
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
The “bad” way will not prevent applications from writing to the file. It
will allow applications to overwrite read-only files.
File system does not check how the file was opened when it receives
IRP_MJ_WRITE, it is the responsibility of IoManager to perform this check.
When you change desired access below IoManager, on successful open IoManager
assumes that originally requested access is granted and will let write
requests through.On the other hand file system thinks that desired access is
read-only and will successfully open the file if the file has a read-only
attribute or is protected by ACL from being overwritten.
Alexei.
“Dejan Maksimovic” wrote in message news:xxxxx@ntfsd…
>
>
> The “bad” way is to just change access rights requested not to include
WRITE
> access - any write to the file would fail then. Disabling DELETE access
would
> prevent rename to that file. This is a bad way as you tell the caller he
gets
> the requested rights, but he doesn’t really have them.
> The good way is to tell Access Denied in Create should the caller
request
> Write access. This will work correctly for Word, as Word will retry to
open the
> file in read-only mode.
>
> What are you trying to accomplish as the end task?
>
> Regards, Dejan.
>
> slummer wrote:
>
> > Dejan :
> > Thanks !
> > Can u tell me how to set the doc file as read-only in all creates to the
doc
> > file?
>
> –
> Kind regards, Dejan M. MVP for DDK
> http://www.alfasp.com E-mail: xxxxx@alfasp.com
> Alfa Transparent File Encryptor - Transparent file encryption services.
> Alfa File Protector - File protection and hiding library for Win32
developers.
> Alfa File Monitor - File monitoring library for Win32 developers.
>
>
>
>
Umm, correct… I don’t know what made me think the I/O manager would
check the requested access rights when it wouldn’t know the FSF changed them:-)
Alexei Jelvis wrote:
The “bad” way will not prevent applications from writing to the file. It
will allow applications to overwrite read-only files.
File system does not check how the file was opened when it receives
IRP_MJ_WRITE, it is the responsibility of IoManager to perform this check.
When you change desired access below IoManager, on successful open IoManager
assumes that originally requested access is granted and will let write
requests through.On the other hand file system thinks that desired access is
read-only and will successfully open the file if the file has a read-only
attribute or is protected by ACL from being overwritten.Alexei.
“Dejan Maksimovic” wrote in message news:xxxxx@ntfsd…
> >
> >
> > The “bad” way is to just change access rights requested not to include
> WRITE
> > access - any write to the file would fail then. Disabling DELETE access
> would
> > prevent rename to that file. This is a bad way as you tell the caller he
> gets
> > the requested rights, but he doesn’t really have them.
> > The good way is to tell Access Denied in Create should the caller
> request
> > Write access. This will work correctly for Word, as Word will retry to
> open the
> > file in read-only mode.
> >
> > What are you trying to accomplish as the end task?
> >
> > Regards, Dejan.
> >
> > slummer wrote:
> >
> > > Dejan :
> > > Thanks !
> > > Can u tell me how to set the doc file as read-only in all creates to the
> doc
> > > file?
> >
> > –
> > Kind regards, Dejan M. MVP for DDK
> > http://www.alfasp.com E-mail: xxxxx@alfasp.com
> > Alfa Transparent File Encryptor - Transparent file encryption services.
> > Alfa File Protector - File protection and hiding library for Win32
> developers.
> > Alfa File Monitor - File monitoring library for Win32 developers.
> >
> >
> >
> >
>
> —
> You are currently subscribed to ntfsd as: xxxxx@alfasp.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
i think Dejan has already replied on this. check the desired access and
reject those that requires write.
Ampsi
----- Original Message -----
From: “dwg”
To: “Windows File Systems Devs Interest List”
Sent: Friday, October 17, 2003 10:14
Subject: [ntfsd] Re: How do protect a word file from being writed ?
Ampsi Ho:
Thanks for your helps,Can u tell me how to set the doc file as read-only
in all creates to the doc file?
Thanks again
slummer
b‹šç.®·§¶\¬¹»®&ÞvÚ’µûjƦ¦È¡¢-™¨¥r‰“¢éì¹»®&Þ±éÝi¹ZžG¦j)m¢Wš½éí~Çuó^–±²
‹+