Hi all,
I’m trying to selectively block access to files from other processes once
they are opened.
I have this working for regular files by clearing
currentIrpStack->Parameters.Create.ShareAccess and
nextIrpStack->Parameters.Create.ShareAccess in the open.
I am now trying to achieve the same for executables, the above method
doesn’t work.
I’m currently investigating Parameters.Create.SecurityContext->DesiredAccess
as this (as far as I can tell) is where the only noticeable difference
occurs.
Best Regards,
Rob Linegar
Software Engineer
Data Encryption Systems Limited