No, you don’t need a driver, but the thing
you need is some privilege probably.
To read a SACL you need SeSecurityPrivilege
while for some file which is completely
inaccessible the SeBackupRestorePrivilege
may be helpful.
Privileges are usually enabled only for some
particular thread, not to the whole process.
So, open and duplicate a process token,
then set it as a thread token, then enable
the privileges you want. Then you can do
your task and after you have finished, the
thread can be either terminated or its
token should be cleared.
Routines for working with tokens are not
restricted to NT API, they are also accessible
through advapi32.dll and well documented
in MSDN Library.
Paul
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Ken Galipeau
Sent: Wednesday, January 16, 2002 5:01 PM
To: File Systems Developers
Cc: NTFSD
Subject: [ntfsd] RE: Can You Help Me?
I think you meant to send this to the ntfsd list? Which is:
xxxxx@lists.osr.com
Also, I don’t have an answer to you question.
ken
-----Original Message-----
From: fmm [mailto:xxxxx@argosoft.net]
Sent: Wednesday, January 16, 2002 3:12 AM
To: xxxxx@legato.com
Subject: Can You Help Me?
Dear friend:
Hi.
I want to get all file security attribute of one volume under the
native mode. but the security attribute of some files(can not be access by
everyone) could not be gotten . ZwCreateFile and ZwQuerySecurityObject
routine been called in my program. probably I need call the driver
below me with an IRP_MJ_QUERY_SECURITY major function . But I do not know
how to do. maybe you can give me some advice.
Thanks a million!
fmm
2002 1/16
You are currently subscribed to ntfsd as: xxxxx@compelson.com
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com