EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Why throwing an exception from OnDeleteFile callback/event handler doesn’t prevent file deletion?

It's correct behavior. Windows can delete a file or directory in two ways:

The first way:
1. The file is opened.
2. "Delete on close" flag is set for the file (for details see the flag FileDispositionInformation in MSDN). During this system request the OnCanFileBeDeleted callback is called.
3. The file is closed. This causes CBFS to call the OnDeleteFile callback.

The second way (Explorer in Windows 8 uses it, but any application can go this way and some applications do):
1. The file is opened with the special system "delete on close" flag (for details see FILE_FLAG_DELETE_ON_CLOSE in the CreateFile Win32 API).
2. The file is closed. CBFS calls the OnCanFileBeDeleted callback and if the callback handler allows deletion of the file, OnDeleteFile callback is called (in the other case only the OnClose callback is called).

Unfortunately the system doesn't check the status of the close file request. It's expected to always finish successfully. That's why throwing exceptions from OnDeleteFile callbacks doesn't work.

But the deletion can be prevented if the OnCanFileBeDeleted callback handler denies it.

In order to protect the file from being deleted in the second variant described above you need to do the following:
1) set the CallbackFileSystem.UseFileCreationFlags property and
2) check for the FILE_FLAG_DELETE_ON_CLOSE flag in the OnOpenFile callback. If it’s present then throwing the ERROR_ACCESS_DENIED (5) causes the file not to be opened (and therefore not to be deleted on close).

Unfortunately such deletion protection can cause incorrect work of some applications or processes. Consider a process that uses some temporary file(s). The process opens the file, reads/writes it, and closes the handle many times. Finally the process decides to open the file with the FILE_FLAG_DELETE_ON_CLOSE flag and perform read/write a little more before deleting the file. Preventing file opening in this last situation can cause incorrect behavior of the process.

Return to the list


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!