Virtual disk and XP

NTDEV
1

Hello,

We are writting a virtual volume driver, to support Encryption/Decrypti=
on,
“a la” PGP. What I care about is the fast user switching feature in =
XP.
Is there a way to detect it from Kernel mode?
The thing is that, if I have a user A which mounts virtual volumes and =
we
switch to user B, will B see the virtual volumes of user A?
In this case, I suppose that volumes are per machine basis, and not pe=
r
user basis. Am I wrong?

R=E9jean Caron - xxxxx@motus.com
Motus Technologies inc.
(418) 521-2100 ext. 292

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

2

Try to implement security options (like NTFS).

Alexey Logachyov
xxxxx@vba.com.by
VirusBlokAda ltd.
http://www.vba.com.by

----- Original Message -----
From:
To: “NT Developers Interest List”
Sent: Friday, November 30, 2001 3:55 PM
Subject: [ntdev] Virtual disk and XP

> Hello,
>
> We are writting a virtual volume driver, to support Encryption/Decryption,
> “a la” PGP. What I care about is the fast user switching feature in XP.
> Is there a way to detect it from Kernel mode?
> The thing is that, if I have a user A which mounts virtual volumes and we
> switch to user B, will B see the virtual volumes of user A?
> In this case, I suppose that volumes are per machine basis, and not per
> user basis. Am I wrong?
>
>
> -------------------------------------------------------
> R?jean Caron - xxxxx@motus.com
> Motus Technologies inc.
> (418) 521-2100 ext. 292
>
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@vba.com.by
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

3

> ----------

From: xxxxx@motus.com[SMTP:xxxxx@motus.com]
Reply To: xxxxx@lists.osr.com
Sent: Friday, November 30, 2001 2:55 PM
To: xxxxx@lists.osr.com
Subject: [ntdev] Virtual disk and XP

Hello,

We are writting a virtual volume driver, to support Encryption/Decryption,
“a la” PGP. What I care about is the fast user switching feature in XP.
Is there a way to detect it from Kernel mode?
The thing is that, if I have a user A which mounts virtual volumes and we
switch to user B, will B see the virtual volumes of user A?
In this case, I suppose that volumes are per machine basis, and not per
user basis. Am I wrong?

It depends. Volumes are global but users access them using drive letter
which can be both local to session or global. Mount Manager creates global,
IoCreateSymbolicLink and DefineDosDevice local. Note you can use local
drives and other users can still be able to use volumes because device names
are globals. It might be avoided using proper access right to devices but I
hadn’t time to try it, yet. From kernel mode you can examine session ID for
current user using current process token.

Best regards,

Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

4

>We are writting a virtual volume driver, to support Encryption/Decryption,

“a la” PGP. What I care about is the fast user switching feature in XP.
s there a way to detect it from Kernel mode?

Encryption is to protect the media only (in case it will be stolen or such).
You must use the combination of encryption (to protect the persistent data) and usual access control with CREATE IRP failing (to
protect the in-memory data) to do your task.

With this “combo”, your problem is automatically solved.

Max

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com