Statement of the problem ::
Assumption an external very portable storage can be handed out for
SHARING information(s), so there is hardly any concept of usr/admin, and
it is well beyond directory services etc…
Scenario::
Owner of the informations would like to gurard certain informations at
the lowest level by file, at the highest level by volume, and all in
between …
Experimentally(not for production) - I tried to trap ZwOpen*(),
ZwCreate*(), etc to control this ! It might not be exhaustive, and that
bothers me bigtime for possibly not capturing the whole spectrum…
Again it is for experimenting to carry the knowledge (somewhat) to a
file filter. Command line, echo, rename, del and other varities seems
okay, also explorer and notepad or any other hex-editor ( some random
experiment) satisfies sleepy eyes. NOW as you can see, it is a pureplay
of taking-away some access privileges etc…
Under file-filter, assuming that would be the right place ( note we even
don’t want someone w/o permission takes the storage and formats it ) I
was trying to play with some of the Create and Write dispatch trapping,
and found that it does some of the work as I expected, but surely it is
not complete, since rename, set-information etc are not taken care of
yet …
So is it the right approach ?. If so, then is there a discussion about
covering all possible ways for tampering file, folder etc ( like setting
attributes, truncate, delete, … Anything of those natures)…
Somewhere I read that filter manager is going to make it easy !!
For infos, I skimmed thru the fsd-faq, and filter driver doc that comes
w the ifsk.
-pro