Let say I have a file A.TXT which is set to be readable under C:\DEMO,
I trapped PreSetInfo() to capture delete flags but there is an issues when user
right click the file and do a “COPY & PASTE” method, A.TXT is able to be copied out.
Please advise.
A copy operation is made of two system calls:
-Rajat
From: xxxxx@yahoo.com
Sent: 01-07-2013 07:40
To: Windows File Systems Devs Interest List
Subject: [ntfsd] How to prevent readable file from being copied out ?
Let say I have a file A.TXT which is set to be readable under C:\DEMO,
I trapped PreSetInfo() to capture delete flags but there is an issues when user
right click the file and do a “COPY & PASTE” method, A.TXT is able to
be copied out.
Please advise.
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Rajat, is very true technically, is just to end-user, they want to read the file and at the the same time that file is protected as well which give a bit challenge in this case.
Is there any other methods or solutions to implement this case ?
> Let say I have a file A.TXT which is set to be readable under C:\DEMO,
- Is it possible to prevent C:\DEMO\A.TXT from being copied out from
C:\DEMO ?I trapped PreSetInfo() to capture delete flags but there is an issues when
user
right click the file and do a “COPY & PASTE” method, A.TXT is able to be
copied out.
Define “copy”. Any operation that opens the file for reading can do
anything it wants with the bits it receives. It can write them out as a
separate file on a removable device, and there is no way to know that the
open-for-write on the device is going to deliver the bits from the a.txt
file to that output device. You somehow think that disallowing a
copy-file or rename-file is going to make the file “uncopyable”. But it
is so trivial to copy a file in an undetectable fashion that you might as
well consider this a pointless requirement because it can never be met.
Note that you CAN have the security log record every time the file is
opened, but you can’t tell what is done with the bits. And don’t say that
you can just watch all output streams to see if the bits match; this is so
trivially defeatable that I would expect a reasonably intelligent
12-year-old to know how to do it.
What problem are you trying to solve here? Note that some problems are
simply unsolvable. What is amazing is that you even bothered to try to
build something like this.
joe
Please advise.
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
> Rajat, is very true technically, is just to end-user, they want to read
the file and at the the same time that file is protected as well which
give a bit challenge in this case.Is there any other methods or solutions to implement this case ?
I can’t even parse that sentence. What are you trying to accomplish? Are
you trying to read and write the file at the same time? This is
supported. Please explain.
joe
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Joseph,
Thanks for feedback 
I have a minifilter driver that monitors files within a folder so that files cannot be copied out
from the protected folder. This can be done with non-readable files method.
Problem is, users (nurses in hospital) want to read files within that protected folder which in this case, I have to set these files to READ-ONLY, the same time not to be protected from being copied out.
I can understand the concern of, in the first place why should we allow file to be opened for READ and
opened chances to be copied into other locations and I really find it hard to explain to non-technical peoples as this is one of requirements.
I am aware that “COPY” is means to open for reading, which actually allowing files to be copied out and
is this reason that I place the question here.
Please advise.
…some correction:
“…the same time not to be protected from being copied out.” change to
“…the same time these files within that protected folder not allowed to be copied out.”
There is an area of systems research called “taint tracking” that has been
used to allow data to be read but not digially copied (e.g.
http://static.usenix.org/event/osdi10/tech/full_papers/Enck.pdf) and would
seem to address your needs. Generally speaking Taint Tracking is extremely
expensive to enforce and requires considerably more hooks into the OS than
a minifilter can provide.
–Dutch
On Sun, Jun 30, 2013 at 8:20 PM, wrote:
> Joseph,
>
> Thanks for feedback
>
> I have a minifilter driver that monitors files within a folder so that
> files cannot be copied out
> from the protected folder. This can be done with non-readable files method.
>
> Problem is, users (nurses in hospital) want to read files within that
> protected folder which in this case, I have to set these files to
> READ-ONLY, the same time not to be protected from being copied out.
>
> I can understand the concern of, in the first place why should we allow
> file to be opened for READ and
> opened chances to be copied into other locations and I really find it hard
> to explain to non-technical peoples as this is one of requirements.
>
> I am aware that “COPY” is means to open for reading, which actually
> allowing files to be copied out and
> is this reason that I place the question here.
>
> Please advise.
>
>
>
>
>
>
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
–
-=-Dutch
Again, the question is: what is the problem?
Let us take as given that anyone who has the right to open a file to read
will implicitly have the right to copy its contents. There is no way to
prevent this. None whatsoever. The use of ACLs will limit the access to
those who are authorized. You have to work on the premise that anyone who
has the right to read the file has the right to create a copy of that
file. There is absolutely no way to prevent this. None whatsoever.
HIPAA requirements in the US do not stop employees of a health service
from releasing records, deliberately or accidentally. They simply make it
very expensive to do so. What you have to do to comply is to make sure
that UNAUTHORIZED people cannot get access to the information. Therefore,
ACLs will do the job. As long as you keep the data “behind the fence”.
If someone can put the data on a publicly-accessible Web page, too bad.
The hospital gets a WHOPPING big fine for having been careless. And the
employee who made the error probably does not have a bright future with
the hospital.
There is absolutely no way to detect if a file is being “copied out”.
There is a read handle to the file, and there is no way to control what
happens to those bits once they have been read. This is reality. Deal
with it.
If the file reprsents some confidential patient record, any nurse logged
in on his or her account will have access if the ACLs permit. You CAN
enable logging, so you can see who is accessing the file; so if there is a
leak, you can go back to the security log and see who accessed the file.
The rest of it is training people to not leave logged-in computers
accessible to potentially “uncleared” users.
So how can you have a filter that detects a file is being “copied
out”–other than detecting it is being used from a CopyFile operation,
which is essentially protection against functionally illiterate attackers.
But tell me how you are managing the protection, and I can probably come
up with a way to defeat in within five minutes. Why? Because it is not
possible to protect a file from being “copied out”.
Anyone who believes that it is possible to prevent a file from being
“copied out” needs to be made aware of reality. It IS possible to prevent
a file from being read; it is possible to prevent a file from being
written; it is possible to protect an entire directory from being
enumerated, or having files in it opened, or new files created in it,
etc., but the concept that you can determine a file is being “copied” is
meaningless. But overall, you cannot reliably stop a file from being read
if some human needs to see the data. For that matter, I could open the
file in the medical records program, “show the bits” in the GUI, and
photograph them with my smartphone. Any method that can prevent this will
work for solving your problem, but this should be a good way to illustrate
it to those who think it is possible because they wish it to be possible
(the “wish” style of writing requirements documents usually fails when
confronted with reality. The number of times I had to explain to clients
that their requirements were impossible in the last 50 years has been much
higher than it should have been. The billing system that wanted five
“quarters” in a year, or the company that wanted to be able to have the
computer produce the result that 10 * 2 = {10, 12, 14, 16, 18}, because in
their typewritten quotes, you took the quantity, multiplied by the price,
and then discounted by whatever you thought would get the quote to be the
low bid. The idea that the computer did not let them do this really,
really bothered them. Some things are simply not possible.
As another reality check for those who don’t seem able to deal with it,
the key is to design a system for a paper-based records system that will
stop someone from making a xerographic copy of one or more pages of a
patient record, or simply giving the original page to someone. If they
can come up with an impossible-to-bypass solution to this problem, they
have designed your solution for you. But I suggest continuing on with
life and not just wait for their solution, because it doesn’t exist.
joe
Joseph,
Thanks for feedback
I have a minifilter driver that monitors files within a folder so that
files cannot be copied out
from the protected folder. This can be done with non-readable files
method.Problem is, users (nurses in hospital) want to read files within that
protected folder which in this case, I have to set these files to
READ-ONLY, the same time not to be protected from being copied out.I can understand the concern of, in the first place why should we allow
file to be opened for READ and
opened chances to be copied into other locations and I really find it hard
to explain to non-technical peoples as this is one of requirements.I am aware that “COPY” is means to open for reading, which actually
allowing files to be copied out and
is this reason that I place the question here.Please advise.
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Keeping the data encrypted, and protecting the private decryption keys,
solves one set of problems. It doesn’t keep the file from being “copied
out” but it makes sure the contents are not easily usable if they are
copied. But this requires a LOT more effort, and at the moment, lacking
the “secure core”, there is no way to guarantee the private keys are
adequately protected. And it still doesn’t protect the record against
having its contents photographed from the screen.
joe
There is an area of systems research called “taint tracking” that has been
used to allow data to be read but not digially copied (e.g.
http://static.usenix.org/event/osdi10/tech/full_papers/Enck.pdf) and
would
seem to address your needs. Generally speaking Taint Tracking is
extremely
expensive to enforce and requires considerably more hooks into the OS than
a minifilter can provide.–Dutch
On Sun, Jun 30, 2013 at 8:20 PM, wrote:
>
>> Joseph,
>>
>> Thanks for feedback
>>
>> I have a minifilter driver that monitors files within a folder so that
>> files cannot be copied out
>> from the protected folder. This can be done with non-readable files
>> method.
>>
>> Problem is, users (nurses in hospital) want to read files within that
>> protected folder which in this case, I have to set these files to
>> READ-ONLY, the same time not to be protected from being copied out.
>>
>> I can understand the concern of, in the first place why should we allow
>> file to be opened for READ and
>> opened chances to be copied into other locations and I really find it
>> hard
>> to explain to non-technical peoples as this is one of requirements.
>>
>> I am aware that “COPY” is means to open for reading, which actually
>> allowing files to be copied out and
>> is this reason that I place the question here.
>>
>> Please advise.
>>
>>
>>
>>
>>
>>
>>
>> —
>> NTFSD is sponsored by OSR
>>
>> OSR is hiring!! Info at http://www.osr.com/careers
>>
>> For our schedule of debugging and file system seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>
>
>
> –
> -=-Dutch
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
Joseph, thanks for the valuable feedback, I will consider information you have given.
you can’t really solve this problem (since only way to do it is deny open
or read requests), but maybe for your needs will be enough to hook
CopyFileExW or BasepCopyFileExW in kernel32.dll
On Mon, Jul 1, 2013 at 11:29 AM, wrote:
> Joseph, thanks for the valuable feedback, I will consider information you
> have given.
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
What about if someone uses the clipboard to copy/paste? Or screen captures?
Or attaches the file to an email? Also, while I know Sergey knows this, a
CopyFile hook would also be trivially bypassed by someone who really wanted
the data (i.e. a simple app that calls ReadFile/WriteFile).
There’s also the pesky issue of someone taking a picture of the screen
(though you wouldn’t have to worry about me doing this with my Blackberry, I
wouldn’t be able to see the resulting picture anyway).
In the end, it all depends on the threat model. I suspect that document
protection will become an even hotter topic based on recent events here in
the US, though it’s easy to create something that only gives the illusion of
protection.
-scott
OSR
“Sergey Pisarev” wrote in message
news:xxxxx@ntfsd…
you can’t really solve this problem (since only way to do it is deny open or
read requests), but maybe for your needs will be enough to hook CopyFileExW
or BasepCopyFileExW in kernel32.dll
On Mon, Jul 1, 2013 at 11:29 AM, wrote:
Joseph, thanks for the valuable feedback, I will consider information you
have given.
—
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
> Rajat, is very true technically, is just to end-user, they want to read the file and at the the same time
that file is protected
Try to hook CopyFile/Ex call using AppInit_DLLs.
Surely there are lots of ways to copy the file - like zip, then unzip - but these ones just cannot be filtered.
This moronic idea only provides the illusion of security.
–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com
> the data (i.e. a simple app that calls ReadFile/WriteFile).
Or just “cat” from gnuwin32 tools.
In the end, it all depends on the threat model. I suspect that document
protection will become an even hotter topic based on recent events here in
the US
Oh yes, these events are lots of fun. I can just only imagine Snowden to be interrogated by the Russian national security/intelligence officers
This is absolutely unbelievable thing, even for a Cold War.
–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com
One of the ideas is to provide limited tools with no user’s access to “file” abstraction.
iPad will fit a lot
“Dutch Meyer” wrote in message news:xxxxx@ntfsd…
There is an area of systems research called “taint tracking” that has been used to allow data to be read but not digially copied (e.g. http://static.usenix.org/event/osdi10/tech/full_papers/Enck.pdf) and would seem to address your needs. Generally speaking Taint Tracking is extremely expensive to enforce and requires considerably more hooks into the OS than a minifilter can provide.
–Dutch
On Sun, Jun 30, 2013 at 8:20 PM, wrote:
Joseph,
Thanks for feedback
I have a minifilter driver that monitors files within a folder so that files cannot be copied out
from the protected folder. This can be done with non-readable files method.
Problem is, users (nurses in hospital) want to read files within that protected folder which in this case, I have to set these files to READ-ONLY, the same time not to be protected from being copied out.
I can understand the concern of, in the first place why should we allow file to be opened for READ and
opened chances to be copied into other locations and I really find it hard to explain to non-technical peoples as this is one of requirements.
I am aware that “COPY” is means to open for reading, which actually allowing files to be copied out and
is this reason that I place the question here.
Please advise.
—
NTFSD is sponsored by OSR
OSR is hiring!! Info at http://www.osr.com/careers
For our schedule of debugging and file system seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
–
-=-Dutch
> Let us take as given that anyone who has the right to open a file to read
will implicitly have the right to copy its contents. There is no way to
prevent this. None whatsoever.
If you work at file level, and your verbs are - read/write - then you’re correct.
On higher levels, this can be done.
If the file reprsents some confidential patient record, any nurse logged
in on his or her account will have access if the ACLs permit.
If this machine has a nursing app installed instead of Windows shell, without CMD.EXE at all (hey, in8 and Metro is fine for this too, not only iPad) - then the problem can really be solved.
–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com
Of course, that would require him to actually be in Russia, which we KNOW
isn’t true
-scott
OSR
the data (i.e. a simple app that calls ReadFile/WriteFile).
Or just “cat” from gnuwin32 tools.
In the end, it all depends on the threat model. I suspect that document
protection will become an even hotter topic based on recent events here in
the US
Oh yes, these events are lots of fun. I can just only imagine Snowden to be
interrogated by the Russian national security/intelligence officers
This is absolutely unbelievable thing, even for a Cold War.
–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com
Not sure I follow - it’s really not an encryption thing. The idea with
taint tracking is that you track memory movement in the system. When the
application opens a files in the protected folder, the buffer that you read
into becomes tainted. Anytime any process or the OS reads that tainted
memory into a register or copies it into RAM, those locations becomes
tainted too until they are overwritten. You do that by marking the tainted
memory unreadable in the OS (or lower) and then trapping when they are
accessed and running binary analysis on the code accessing your tainted
buffer. When your binary analysis tells you that tainted data is about to
be sent to a driver (particularly the disk or the network), you fail the
memory access or kill the application. If all that doesn’t sound scary
enough, the nasty bit is that if the process takes a branch based on data
in the tainted buffer you have to then taint everything the application
does within the branching code block.
I think you’d have to run windows in a VM to have any hope of getting it to
work, but I think this is basically what the OP is asking for.
I won’t argue that it’s practical, but if you’re willing to sacrifice
performance, possibly stability, a tremendous developer effort, and
portability, the result is that you probably can prevent a system from
making any digital copies of select data. If you are also worried about
someone copying the screen with a camera or a notepad, then you need
security cameras.
–Dutch
On Sun, Jun 30, 2013 at 10:03 PM, wrote:
> Keeping the data encrypted, and protecting the private decryption keys,
> solves one set of problems. It doesn’t keep the file from being “copied
> out” but it makes sure the contents are not easily usable if they are
> copied. But this requires a LOT more effort, and at the moment, lacking
> the “secure core”, there is no way to guarantee the private keys are
> adequately protected. And it still doesn’t protect the record against
> having its contents photographed from the screen.
> joe
>
>
> > There is an area of systems research called “taint tracking” that has
> been
> > used to allow data to be read but not digially copied (e.g.
> > http://static.usenix.org/event/osdi10/tech/full_papers/Enck.pdf) and
> > would
> > seem to address your needs. Generally speaking Taint Tracking is
> > extremely
> > expensive to enforce and requires considerably more hooks into the OS
> than
> > a minifilter can provide.
> >
> > --Dutch
> >
> > On Sun, Jun 30, 2013 at 8:20 PM, wrote:
> >
> >> Joseph,
> >>
> >> Thanks for feedback
> >>
> >> I have a minifilter driver that monitors files within a folder so that
> >> files cannot be copied out
> >> from the protected folder. This can be done with non-readable files
> >> method.
> >>
> >> Problem is, users (nurses in hospital) want to read files within that
> >> protected folder which in this case, I have to set these files to
> >> READ-ONLY, the same time not to be protected from being copied out.
> >>
> >> I can understand the concern of, in the first place why should we allow
> >> file to be opened for READ and
> >> opened chances to be copied into other locations and I really find it
> >> hard
> >> to explain to non-technical peoples as this is one of requirements.
> >>
> >> I am aware that “COPY” is means to open for reading, which actually
> >> allowing files to be copied out and
> >> is this reason that I place the question here.
> >>
> >> Please advise.
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >> —
> >> NTFSD is sponsored by OSR
> >>
> >> OSR is hiring!! Info at http://www.osr.com/careers
> >>
> >> For our schedule of debugging and file system seminars visit:
> >> http://www.osr.com/seminars
> >>
> >> To unsubscribe, visit the List Server section of OSR Online at
> >> http://www.osronline.com/page.cfm?name=ListServer
> >>
> >
> >
> >
> > –
> > -=-Dutch
> >
> > —
> > NTFSD is sponsored by OSR
> >
> > OSR is hiring!! Info at http://www.osr.com/careers
> >
> > For our schedule of debugging and file system seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
>
>
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
–
-=-Dutch
But the x86 doesn’t extend this to registers. So if I mov al, <address>>, the how do you mrk al as “tainted”? If I store al somewhere,
10,000 instructions later (carefully crafted to not disturb al) how do I
find the target of mov <>, al, without doing a
co,plete instruction-set simulation? Perhaps this is the source of the
“inefficiency”, which means even legitimate users using approved apps
suffer. In addition, is a “display driver” not a driver? And if I spoof
a display driver with one that has a “send to network” module built in…?
joe
> Not sure I follow - it’s really not an encryption thing. The idea with
> taint tracking is that you track memory movement in the system. When the
> application opens a files in the protected folder, the buffer that you
> read
> into becomes tainted. Anytime any process or the OS reads that tainted
> memory into a register or copies it into RAM, those locations becomes
> tainted too until they are overwritten. You do that by marking the
> tainted
> memory unreadable in the OS (or lower) and then trapping when they are
> accessed and running binary analysis on the code accessing your tainted
> buffer. When your binary analysis tells you that tainted data is about to
> be sent to a driver (particularly the disk or the network), you fail the
> memory access or kill the application. If all that doesn’t sound scary
> enough, the nasty bit is that if the process takes a branch based on data
> in the tainted buffer you have to then taint everything the application
> does within the branching code block.
>
> I think you’d have to run windows in a VM to have any hope of getting it
> to
> work, but I think this is basically what the OP is asking for.
>
> I won’t argue that it’s practical, but if you’re willing to sacrifice
> performance, possibly stability, a tremendous developer effort, and
> portability, the result is that you probably can prevent a system from
> making any digital copies of select data. If you are also worried about
> someone copying the screen with a camera or a notepad, then you need
> security cameras.
>
> --Dutch
>
> On Sun, Jun 30, 2013 at 10:03 PM, wrote:
>
>> Keeping the data encrypted, and protecting the private decryption keys,
>> solves one set of problems. It doesn’t keep the file from being “copied
>> out” but it makes sure the contents are not easily usable if they are
>> copied. But this requires a LOT more effort, and at the moment, lacking
>> the “secure core”, there is no way to guarantee the private keys are
>> adequately protected. And it still doesn’t protect the record against
>> having its contents photographed from the screen.
>> joe
>>
>>
>> > There is an area of systems research called “taint tracking” that has
>> been
>> > used to allow data to be read but not digially copied (e.g.
>> > http://static.usenix.org/event/osdi10/tech/full_papers/Enck.pdf) and
>> > would
>> > seem to address your needs. Generally speaking Taint Tracking is
>> > extremely
>> > expensive to enforce and requires considerably more hooks into the OS
>> than
>> > a minifilter can provide.
>> >
>> > --Dutch
>> >
>> > On Sun, Jun 30, 2013 at 8:20 PM, wrote:
>> >
>> >> Joseph,
>> >>
>> >> Thanks for feedback
>> >>
>> >> I have a minifilter driver that monitors files within a folder so
>> that
>> >> files cannot be copied out
>> >> from the protected folder. This can be done with non-readable files
>> >> method.
>> >>
>> >> Problem is, users (nurses in hospital) want to read files within that
>> >> protected folder which in this case, I have to set these files to
>> >> READ-ONLY, the same time not to be protected from being copied out.
>> >>
>> >> I can understand the concern of, in the first place why should we
>> allow
>> >> file to be opened for READ and
>> >> opened chances to be copied into other locations and I really find it
>> >> hard
>> >> to explain to non-technical peoples as this is one of requirements.
>> >>
>> >> I am aware that “COPY” is means to open for reading, which actually
>> >> allowing files to be copied out and
>> >> is this reason that I place the question here.
>> >>
>> >> Please advise.
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> —
>> >> NTFSD is sponsored by OSR
>> >>
>> >> OSR is hiring!! Info at http://www.osr.com/careers
>> >>
>> >> For our schedule of debugging and file system seminars visit:
>> >> http://www.osr.com/seminars
>> >>
>> >> To unsubscribe, visit the List Server section of OSR Online at
>> >> http://www.osronline.com/page.cfm?name=ListServer
>> >>
>> >
>> >
>> >
>> > –
>> > -=-Dutch
>> >
>> > —
>> > NTFSD is sponsored by OSR
>> >
>> > OSR is hiring!! Info at http://www.osr.com/careers
>> >
>> > For our schedule of debugging and file system seminars visit:
>> > http://www.osr.com/seminars
>> >
>> > To unsubscribe, visit the List Server section of OSR Online at
>> > http://www.osronline.com/page.cfm?name=ListServer
>>
>>
>>
>> —
>> NTFSD is sponsored by OSR
>>
>> OSR is hiring!! Info at http://www.osr.com/careers
>>
>> For our schedule of debugging and file system seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>
>
>
> –
> -=-Dutch
>
> —
> NTFSD is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
> For our schedule of debugging and file system seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer