Hi, I need to let an ordinary user send down an encryption key to my
driver. How can I accomplish that?
What I’m doing now is to use CreateFile() to obtain a handle to the driver
and use that handle to send control messages to the driver.
This, however, only works under an Administrator user. Ordinary users
fail to obtain the handle using CreateFile().
Thanks
Zelin
The device object you created to communicate with user-mode is
ACL-protected & you probably have the FILE_DEVICE_SECURE_OPEN
characteristic set (and your device object type is
FILE_DEVICE_DISK_FILE_SYSTEM - for which the default ACL is pretty
strong). Or maybe in your create dispatch for the device object you
authenticate yourself.
In either case the way to let non-Admin/Systems to communicate with the
device is to set your own ACL on the device object which grants users
access to open handles to the device.
However now you run the risk that those ‘ordinary’ much
lesser-privileged users can open handles & send down IOCTLs etc. to your
driver. You need to worry about spoofing, about malicious apps etc. &
make your code airtight. This is not to discourage you from doing this -
just a warning.
Ravi
This posting is provided “AS IS” with no warranties, and confers no
rights.
-----Original Message-----
From: Michael [mailto:xxxxx@singnet.com.sg]
Sent: Wednesday, May 22, 2002 8:43 PM
To: File Systems Developers
Subject: [ntfsd] Ordinary users could not communicate with file system
driver
>driver. You need to worry about spoofing, about malicious apps etc. &
>make your code airtight.
These issues must be taken into account anyway, even if the DO is
well-secured.
BTW - storing persistent ACLs in Enum registry and providing a GUI in
Device Manager to manage them could be a good idea, since NT lacks
this ability.
Max
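As an added illustration of the "airtight" handling the replies call for once ordinary users can open the device (this is not code from any poster in the thread), the portable C sketch below validates an untrusted "set key" control request before the key is used. The `key_request` layout, the version field, the status codes and the accepted key lengths of 16, 24 or 32 bytes are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical request layout for a "set key" control code (assumption). */
#define KEY_REQ_VERSION 1u
#define KEY_MAX_BYTES   32u

typedef struct {
    uint32_t version;             /* must equal KEY_REQ_VERSION */
    uint32_t key_len;             /* assumed valid sizes: 16, 24 or 32 */
    uint8_t  key[KEY_MAX_BYTES];
} key_request;

typedef enum { KEY_OK = 0, KEY_BAD_SIZE, KEY_BAD_VERSION, KEY_BAD_LENGTH } key_status;

/* in/in_len stand for the caller-supplied input buffer and its length. */
key_status parse_key_request(const void *in, size_t in_len,
                             uint8_t out_key[KEY_MAX_BYTES], uint32_t *out_len)
{
    key_request req;

    /* Accept only the exact structure size: no short or oversized input. */
    if (in == NULL || in_len != sizeof(req))
        return KEY_BAD_SIZE;

    /* Snapshot once so every check and the copy see the same bytes. */
    memcpy(&req, in, sizeof(req));

    if (req.version != KEY_REQ_VERSION)
        return KEY_BAD_VERSION;
    /* Never trust a caller-supplied length as a copy size unchecked. */
    if (req.key_len != 16 && req.key_len != 24 && req.key_len != 32)
        return KEY_BAD_LENGTH;

    memset(out_key, 0, KEY_MAX_BYTES);
    memcpy(out_key, req.key, req.key_len);
    *out_len = req.key_len;
    memset(&req, 0, sizeof(req)); /* in a driver, use RtlSecureZeroMemory */
    return KEY_OK;
}

int main(void)
{
    key_request r = { KEY_REQ_VERSION, 64, { 0 } };  /* constructed bad length */
    uint8_t key[KEY_MAX_BYTES];
    uint32_t len = 0;
    printf("status=%d\n", (int)parse_key_request(&r, sizeof r, key, &len));
    return 0;
}
```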