Current WebDAV discussion reminded mi one question I was asked. A customer
has a WebDav client and would like to access data as from network drive. It
seem the easiest possibility for w2k/XP is simple IFS filter which redirects
all request to a directory with data cached by client (we already have such
a driver). It would have to block create requests and inform client which
files should be copied to cached and when done, complete the request. It
doesn’t seem as a big problem (if there is some, let me know, please). Well,
I know full redirector is better but the request was for something
affordable.
The problem is this application should work also on w9x. My question is if
it is even possible. I.e. block create requests at IFS hook, let user mode
application transfer data and complete the request. I remember reentrancy
problems and system wide mutex; however, is there some way? If isn’t, how
antiviruses work there – do all scanning in kernel mode?
Thanks.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
This is certainly possible on 9x, as I’ve seen it done (wait in open, and
let user mode do its stuff - you have to handle reentrancy of course!)
It seems that open can be blocked, but I’m certain you cannot block read,
write and rename - as I’ve seen it deadlock quite soon after first try.
“Vodicka, Michal” wrote:
Current WebDAV discussion reminded mi one question I was asked. A customer
has a WebDav client and would like to access data as from network drive. It
seem the easiest possibility for w2k/XP is simple IFS filter which redirects
all request to a directory with data cached by client (we already have such
a driver). It would have to block create requests and inform client which
files should be copied to cached and when done, complete the request. It
doesn’t seem as a big problem (if there is some, let me know, please). Well,
I know full redirector is better but the request was for something
affordable.
The problem is this application should work also on w9x. My question is if
it is even possible. I.e. block create requests at IFS hook, let user mode
application transfer data and complete the request. I remember reentrancy
problems and system wide mutex; however, is there some way? If isn’t, how
antiviruses work there – do all scanning in kernel mode?
Thanks.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
You are currently subscribed to ntfsd as: xxxxx@alfasp.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
No, in Win9x world open can’t be blocked if there is Ring3 code involved in
handling. For blocked opens deadlock occurs much less often than for
reads/writes though. But they DO occur.
-----Original Message-----
From: Dejan Maksimovic [mailto:xxxxx@alfasp.com]
Sent: Wednesday, April 16, 2003 4:56 PM
To: File Systems Developers
Subject: [ntfsd] Re: OT: WebDAV and w9x
This is certainly possible on 9x, as I’ve seen it done (wait in open,
and
let user mode do its stuff - you have to handle reentrancy of course!)
It seems that open can be blocked, but I’m certain you cannot block
read,
write and rename - as I’ve seen it deadlock quite soon after first try.
“Vodicka, Michal” wrote:
Current WebDAV discussion reminded mi one question I was asked. A customer
has a WebDav client and would like to access data as from network drive.
It
seem the easiest possibility for w2k/XP is simple IFS filter which
redirects
all request to a directory with data cached by client (we already have
such
a driver). It would have to block create requests and inform client which
files should be copied to cached and when done, complete the request. It
doesn’t seem as a big problem (if there is some, let me know, please).
Well,
I know full redirector is better but the request was for something
affordable.
The problem is this application should work also on w9x. My question is if
it is even possible. I.e. block create requests at IFS hook, let user mode
application transfer data and complete the request. I remember reentrancy
problems and system wide mutex; however, is there some way? If isn’t, how
antiviruses work there – do all scanning in kernel mode?
Thanks.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
You are currently subscribed to ntfsd as: xxxxx@alfasp.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
You are currently subscribed to ntfsd as: xxxxx@borland.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
I know it’s completely possible, because I’ve seen it done. See
www.decros.com (their Protect product encryption line) for one example.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
You mean go to user-mode on 9x blocking reads and writes? They were able
to hack their way past the Win16 mutex plus the half-dozen or more
assorted other Win32 serialization locks? Dude, if Geoff Chappell says
something can’t be done, it can’t be done. 
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dejan Maksimovic
Sent: Saturday, April 19, 2003 1:35 PM
To: File Systems Developers
Subject: [ntfsd] Re: OT: WebDAV and w9x
I know it’s completely possible, because I’ve seen it
done. See www.decros.com (their Protect product encryption
line) for one example.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption
services. Alfa File Protector - File protection and hiding
library for Win32 developers. Alfa File Monitor - File
monitoring library for Win32 developers.
You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
I agree 100%. The Win16 mutex is the one that will bite you in the butt.
If you can not get around that in a reliable way, you are doomed.
Believe me; I have spent many, many hours in the past working on this
issue. Using SoftIce, I was consistently able to push the system past
the mutex issues, but it was nearly impossible to do programmatically in
a trusted way.
Remember ZipMagic 
Jamey
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Nicholas Ryan
Sent: Saturday, April 19, 2003 4:06 PM
To: File Systems Developers
Subject: [ntfsd] Re: OT: WebDAV and w9x
You mean go to user-mode on 9x blocking reads and writes? They were able
to hack their way past the Win16 mutex plus the half-dozen or more
assorted other Win32 serialization locks? Dude, if Geoff Chappell says
something can’t be done, it can’t be done. 
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dejan Maksimovic
Sent: Saturday, April 19, 2003 1:35 PM
To: File Systems Developers
Subject: [ntfsd] Re: OT: WebDAV and w9x
I know it’s completely possible, because I’ve seen it
done. See www.decros.com (their Protect product encryption
line) for one example.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption
services. Alfa File Protector - File protection and hiding
library for Win32 developers. Alfa File Monitor - File
monitoring library for Win32 developers.
You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
How about checking before you decide?
Nicholas Ryan wrote:
You mean go to user-mode on 9x blocking reads and writes? They were able
to hack their way past the Win16 mutex plus the half-dozen or more
assorted other Win32 serialization locks? Dude, if Geoff Chappell says
something can’t be done, it can’t be done. 
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Dejan Maksimovic
> Sent: Saturday, April 19, 2003 1:35 PM
> To: File Systems Developers
> Subject: [ntfsd] Re: OT: WebDAV and w9x
>
>
>
> I know it’s completely possible, because I’ve seen it
> done. See www.decros.com (their Protect product encryption
> line) for one example.
>
> –
> Kind regards, Dejan M. MVP for DDK
> http://www.alfasp.com E-mail: xxxxx@alfasp.com
> Alfa Transparent File Encryptor - Transparent file encryption
> services. Alfa File Protector - File protection and hiding
> library for Win32 developers. Alfa File Monitor - File
> monitoring library for Win32 developers.
>
>
>
>
>
>
> —
> You are currently subscribed to ntfsd as: xxxxx@nryan.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
You are currently subscribed to ntfsd as: xxxxx@alfasp.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
What happened about that? I didn’t know they used any FSF…
Remember ZipMagic 
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
They had an FSD that proxies requests to user-mode for processing;
allowing the mounting of ZIP files. Under 9x, it would occasionally lock
up and you could trace it to the Win16 mutex.
Jamey
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dejan Maksimovic
Sent: Saturday, April 19, 2003 5:10 PM
To: File Systems Developers
Subject: [ntfsd] Re: OT: WebDAV and w9x
What happened about that? I didn’t know they used any FSF…
Remember ZipMagic 
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Thanks for all replies. It seems the conlusion is if it can be done, only
using dirty hacks. Personally, I don’t want to bother with w9x anymore but
the decision isn’t mine. Hopefully it’ll be discouraging enough 
Dejan, are you sure Decros really uses application there? I don’t see a good
reason for encryption product; is seems easier to do everything in kernel
mode. Well, I’ll probably examine it or ask them but don’t have time just
now.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
From: xxxxx@alfasp.com[SMTP:xxxxx@alfasp.com]
Reply To: xxxxx@lists.osr.com
Sent: Sunday, April 20, 2003 2:09 AM
To: xxxxx@lists.osr.com
Subject: [ntfsd] Re: OT: WebDAV and w9x
How about checking before you decide?
Nicholas Ryan wrote:
> You mean go to user-mode on 9x blocking reads and writes? They were able
> to hack their way past the Win16 mutex plus the half-dozen or more
> assorted other Win32 serialization locks? Dude, if Geoff Chappell says
> something can’t be done, it can’t be done. 
>
> - Nicholas Ryan
>
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Dejan Maksimovic
> > Sent: Saturday, April 19, 2003 1:35 PM
> > To: File Systems Developers
> > Subject: [ntfsd] Re: OT: WebDAV and w9x
> >
> >
> >
> > I know it’s completely possible, because I’ve seen it
> > done. See www.decros.com (their Protect product encryption
> > line) for one example.
> >
> > –
> > Kind regards, Dejan M. MVP for DDK
> > http://www.alfasp.com E-mail: xxxxx@alfasp.com
> > Alfa Transparent File Encryptor - Transparent file encryption
> > services. Alfa File Protector - File protection and hiding
> > library for Win32 developers. Alfa File Monitor - File
> > monitoring library for Win32 developers.
> >
> >
> >
> >
> >
> >
> > —
> > You are currently subscribed to ntfsd as: xxxxx@nryan.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
> —
> You are currently subscribed to ntfsd as: xxxxx@alfasp.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.
You are currently subscribed to ntfsd as: michal.vodicka@st.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
I’m sure because a VXD cannot popup a Window and ask for a password on file
open.
I couldn’t believe it, but I se it actually works.
“Vodicka, Michal” wrote:
Thanks for all replies. It seems the conlusion is if it can be done, only
using dirty hacks. Personally, I don’t want to bother with w9x anymore but
the decision isn’t mine. Hopefully it’ll be discouraging enough 
Dejan, are you sure Decros really uses application there? I don’t see a good
reason for encryption product; is seems easier to do everything in kernel
mode. Well, I’ll probably examine it or ask them but don’t have time just
now.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
> ----------
From: xxxxx@alfasp.com[SMTP:xxxxx@alfasp.com]
Reply To: xxxxx@lists.osr.com
Sent: Monday, April 21, 2003 9:42 PM
To: xxxxx@lists.osr.com
Subject: [ntfsd] Re: OT: WebDAV and w9x
I’m sure because a VXD cannot popup a Window and ask for a password on
file
open.
I couldn’t believe it, but I se it actually works.
Only a dialog box? It shouldn’t be an unsolvable problem, I guess there are
methods how to run something simple which doesn’t use kernel in user mode
and return back. I vaguelly remember something like this (similar to APC?)
The real problem is to reenter kernel for other file or network call.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
No, APC callback from a VXD to user mode (with no file I/O requirements from
the user mode) would also cause a hang.
Only a dialog box? It shouldn’t be an unsolvable problem, I guess there are
methods how to run something simple which doesn’t use kernel in user mode and
return back. I vaguelly remember something like this (similar to APC?) The
real problem is to reenter kernel for other file or network call.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32 developers.
Alfa File Monitor - File monitoring library for Win32 developers.
Hi all,
Definitely, in Windows 9X, there isn’t a right and good solution because of
Win16 mutex. Protect uses simple solution - when a key is requested during
encrypted file opening, user mode app (for servicing of key requests) is
called (by completion of IoCtl) , a timer is started and current thread is
blocked. Next, app send another IoCtl, which stops the timer. If this IoCtl
is not received within about 2 seconds, access to the file is denied and
thus the thread, which wants open the file, is released.
This solution prevents deadlocking between user request and key service app,
but there is a side effect: if above described situation occurs, there isn’t
happend during 2 seconds and consecutively pop-ups two dialogs - for key
entering and error message “Access to the file is denied”.
On other side, this situation isn’t so frequent:
- Win16 mutex is held mainly for 16-bit code, not for kernel32 -
CreateFile…
- Normally, keys are read in driver’s memory on startup, accordingly the
problem cannot come
Moreover, there isn’t any reliable method how detect holding of Win16 mutex
or another internal mutexes in Win9X kernel.
Luckily, these problems are a history…
BTW I am a developer of filter driver for our product, Protect…
Petr Borsodi, ICZ (formerly DECROS)
I know it’s completely possible, because I’ve seen it done. See
www.decros.com (their Protect product encryption line) for one example.
–
Kind regards, Dejan M. MVP for DDK
http://www.alfasp.com E-mail: xxxxx@alfasp.com
Alfa Transparent File Encryptor - Transparent file encryption services.
Alfa File Protector - File protection and hiding library for Win32
developers.
Alfa File Monitor - File monitoring library for Win32 developers.