ZwSetSecurityObject returns STATUS_INVALID_OWNER

Hi All,

I am writing a legacy file system filter driver which recycles the deleted
files to a recycle bin folder. Basically, when a delete happens, I will
create a new file at the recycle folder and copy the contents of the file
(being deleted) to the newly created file (inside recycler folder). To
make the source and destination files the same, I would set the
‘FileBasicInformation’ and security information for the destination file
same as that of source file. The files which are being deleted are present
at shared folders on the server side (Windows Server 2008 R2) and they can be
deleted by different users (admin, non admin etc.) from client machines
(Windows 7 machines).

I am setting the security descriptor for the target file as follows.

Status = ZwSetSecurityObject(hFile,
                             OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION |
                             GROUP_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
                             sdp);

This is working fine for the admin users. But, for non admin users,
‘ZwSetSecurityObject’ call returns STATUS_INVALID_OWNER.

After reading the thread below I could understand that

http://www.winvistatips.com/sequrity-question-t185913.html

"To be able to change the owner to YOURSELF, you need
SeTakeOwnershipPrivilege enabled in your token.

  • To be able to change the owner to ANY PRINCIPAL, you need
SeRestorePrivilege enabled in your token."

Could you please advise me on how to perform this? Any example would be of
great help.

Could you please tell me, is there any harm in providing these privileges?

Thanks,

Krishnanand

Hi All,

Could you please provide me with some pointers?
Thanks in advance.

Kind regards,
Krishnanand

On Tue, May 8, 2012 at 10:46 PM, krishnanand gs wrote:

> Hi All,
>
> I am writing a legacy file system filter driver which recycles the deleted
> files to a recycle bin folder. Basically, when a delete happens, I will
> create a new file at the recycle folder and copy the contents of the file
> (being deleted) to the newly created file (inside recycler folder). To
> make the source and destination files the same, I would set the
> ‘FileBasicInformation’ and security information for the destination file
> same as that of source file. The files which are being deleted are present
> at shared folders on the server side (Windows Server 2008 R2) and they can be
> deleted by different users (admin, non admin etc.) from client machines
> (Windows 7 machines).
>
> I am setting the security descriptor for the target file as follows.
>
> Status = ZwSetSecurityObject(hFile,
>                              OWNER_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION |
>                              GROUP_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
>                              sdp);
>
> This is working fine for the admin users. But, for non admin users,
> ‘ZwSetSecurityObject’ call returns STATUS_INVALID_OWNER.
>
> After reading the thread below I could understand that
>
> http://www.winvistatips.com/sequrity-question-t185913.html
>
> "To be able to change the owner to YOURSELF, you need
> SeTakeOwnershipPrivilege enabled in your token.
>
> - To be able to change the owner to ANY PRINCIPAL, you need
> SeRestorePrivilege enabled in your token."
>
> Could you please advise me on how to perform this? Any example would be
> of great help.
>
> Could you please tell me, is there any harm in providing these privileges?
>
> Thanks,
>
> Krishnanand

Have you considered either doing this work in a worker thread (hence with local system credentials) or in adjusting the credentials of the current thread? See http://www.osronline.com/article.cfm?article=23 for an example of adjusting privileges.

I’d be very careful about the latter approach, since it potentially creates a security hole if not implemented properly.

Tony
OSR
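
The owner rule behind STATUS_INVALID_OWNER in this thread, as an added example that is not code from any of the posters or from the WDK: a simplified user-mode model of which owner SIDs a caller's token may assign. It assumes the documented Windows rule that, without SeRestorePrivilege enabled, the new owner must be the token's user or a group carrying SE_GROUP_OWNER; the separate WRITE_OWNER access check is left out, and every `model_` name and the S-1-5-21 SIDs are constructed for illustration.

```c
/* Added illustration: user-mode model of the owner check, not WDK code. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

enum { MODEL_SUCCESS = 0, MODEL_INVALID_OWNER = 1 };
#define MODEL_GROUP_OWNER 0x1u      /* stands in for SE_GROUP_OWNER */

struct model_group { const char *sid; unsigned attrs; };
struct model_token {
    const char *user_sid;
    const struct model_group *groups;
    size_t ngroups;
    bool restore_present;           /* SeRestorePrivilege is in the token */
    bool restore_enabled;           /* ...and has been enabled */
};

/* May a caller running under `t` stamp `owner` on an object? */
int model_check_owner(const struct model_token *t, const char *owner)
{
    if (t->restore_present && t->restore_enabled)
        return MODEL_SUCCESS;       /* any principal allowed */
    if (strcmp(t->user_sid, owner) == 0)
        return MODEL_SUCCESS;       /* owner is the caller itself */
    for (size_t i = 0; i < t->ngroups; i++)
        if ((t->groups[i].attrs & MODEL_GROUP_OWNER) &&
            strcmp(t->groups[i].sid, owner) == 0)
            return MODEL_SUCCESS;   /* group flagged as assignable owner */
    return MODEL_INVALID_OWNER;
}

/* Constructed sample data: S-1-5-32-544 is BUILTIN\Administrators and
 * S-1-5-32-545 is BUILTIN\Users; the S-1-5-21-... SIDs are made up. */
static const struct model_group admin_groups[] = {
    { "S-1-5-32-544", MODEL_GROUP_OWNER }, { "S-1-5-32-545", 0 } };
static const struct model_group user_groups[] = { { "S-1-5-32-545", 0 } };

const struct model_token admin_tok =     /* privilege held but not enabled */
    { "S-1-5-21-1-2-3-1001", admin_groups, 2, true, false };
const struct model_token user_tok =      /* ordinary non-admin user */
    { "S-1-5-21-1-2-3-1002", user_groups, 1, false, false };
const struct model_token restore_tok =   /* hypothetical privileged context */
    { "S-1-5-21-1-2-3-1003", user_groups, 1, true, true };
```

In this model a file owned by BUILTIN\Administrators can be re-stamped under the admin token but not under the non-admin token, which matches the behaviour reported in the first post; a privilege that is present but not enabled does not widen what the token may assign.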