Block User mode request and allow only kernel mode requests to disk

Dear All,
I am working on a program to hide a physical disk so that it should be
inaccessible from user mode
(but at the same time it should be accessible from kernel mode).
For hiding the disk I modified the Registry settings:
1) HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NODRIVES
which is a 32-bit word (DWORD).

2) For making the disk inaccessible I am returning
STATUS_FILE_IS_OFFLINE to any request sent to the disk you are interested
in.
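//////////////////////////////////////

if (irp->RequestorMode == UserMode)
{
    // Fail user-mode requests; kernel-mode callers fall through.
    irp->IoStatus.Status = STATUS_FILE_IS_OFFLINE;
    irp->IoStatus.Information = 0;
    // A failed IRP must be completed; the dispatch routine returns the same status.
    IoCompleteRequest(irp, IO_NO_INCREMENT);
    return STATUS_FILE_IS_OFFLINE;
}
//////////////////////////////////////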
=========My Question==========
The above things are working well, but I want to run the “format command” on that
particular physical disk. Is it possible to allow some particular
DOS commands (like format, chkdsk) to run from user mode and at the same time
disallow other user mode operations (like reading, writing,
deleting…)?

Thanks in advance
Rohit

I am working on hiding a physical disk
Is it possible to allow some particular DOS commands (like format, chkdsk)
to run from user mode and at the same time disallow other user mode
operations (like reading, writing,
deleting…) and allow only kernel mode operation?
Rohit

You want to allow the user the ability to format the disk but not
read&write from it?

- Nick Ryan

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Rohit
Sent: Friday, May 16, 2003 7:08 AM
To: File Systems Developers
Subject: [ntfsd] Re: Block User mode request and allow only
kernel mode requests to disk

I am working on hiding a physical disk
Is it possible to allow some particular DOS commands (like
format, chkdsk) to run from user mode and at the same time
disallow other user mode operations (like reading, writing,
deleting…) and allow only kernel mode operation?
Rohit


You are currently subscribed to ntfsd as: xxxxx@nryan.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Hi Nick,
Yes, exactly what you understood. I want to hide my physical disk from
user mode requests (like reading or writing on it). At the same time I want
the Format utility, i.e. the format command, to run from user mode.
Please comment!

Hmm… Perhaps you can fail opens to your filtered volume device from
I/O that does not originate from the context of your approved processes
(format.exe, chkdsk.exe)? You’d still need to keep a drive letter
symbolic link active so that the Object Manager can forward these open
requests in the first place. I don’t know of a technique that you can
use to filter the visibility of symbolic links on a per-process basis.
You can try to hide it from Explorer using the registry entry you talked
about in a previous email, but not from all apps.

- Nick Ryan

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Rohit
Sent: Saturday, May 17, 2003 1:44 AM
To: File Systems Developers
Subject: [ntfsd] Re: Block User mode request and allow only
kernel mode requests to disk

Hi Nick,
Yes, exactly what you understood. I want to hide my physical
disk from user mode requests (like reading or writing on it).
At the same time I want the Format utility, i.e. the format command, to run
from user mode. Please comment!

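Nick's suggestion of failing opens that do not come from an approved process, as an added example that is not code from the thread: a user-mode model of the open-time decision, matching the full image path rather than the bare file name so that a same-named binary in another directory does not pass. The allowlist paths, `gate_open` and `path_equal` are constructed for illustration, and the type and status definitions are stand-ins for the WDK's.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for the WDK definitions, so the policy compiles outside a driver build. */
typedef int32_t NTSTATUS;
#define STATUS_SUCCESS         ((NTSTATUS)0x00000000)
#define STATUS_FILE_IS_OFFLINE ((NTSTATUS)0xC0000267)
typedef enum { KernelMode = 0, UserMode = 1 } MODE;

/* Constructed allowlist: full NT image paths of the approved tools (assumed layout). */
static const char *const approved_images[] = {
    "\\Device\\HarddiskVolume1\\Windows\\System32\\format.exe",
    "\\Device\\HarddiskVolume1\\Windows\\System32\\chkdsk.exe",
};

/* Case-insensitive whole-string compare; Windows file names ignore case by default. */
static int path_equal(const char *a, const char *b)
{
    while (*a && *b) {
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
        a++, b++;
    }
    return *a == *b;    /* equal only if both strings ended together */
}

/*
 * Decision for an open (IRP_MJ_CREATE) on the filtered volume.
 * image_path is the requesting process's full image path, which a driver
 * would look up for the process returned by IoGetRequestorProcess();
 * NULL means the lookup failed.
 */
NTSTATUS gate_open(MODE requestor_mode, const char *image_path)
{
    size_t i;
    if (requestor_mode == KernelMode)
        return STATUS_SUCCESS;          /* kernel callers are never blocked */
    if (image_path == NULL)
        return STATUS_FILE_IS_OFFLINE;  /* fail closed when the caller is unknown */
    for (i = 0; i < sizeof approved_images / sizeof approved_images[0]; i++)
        if (path_equal(image_path, approved_images[i]))
            return STATUS_SUCCESS;      /* approved tool: let the open through */
    return STATUS_FILE_IS_OFFLINE;      /* same status the original filter returns */
}

int main(void)
{
    printf("%08x\n", (unsigned)gate_open(UserMode, "\\Device\\HarddiskVolume1\\Temp\\format.exe"));
    return 0;
}
```

A path match identifies the binary on disk, not what runs inside the process, so this narrows user-mode access rather than sealing it.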

Hi Nick,
Thanks a lot.
I will research on it. And will post an appropriate answer for this on this
forum if I find one.
Rohit