EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Mapper sample based question regarding file/folder operations

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#18643
Posted: 01/09/2012 07:44:13
by ohad (Standard support level)
Joined: 02/02/2011
Posts: 24

Hi,

I'm sure this question must have been asked here before,however,if I'm using the mapper sample as basis,is it possible to implement callback functions such as SetFileSecurity() to work with the Virtual Drive itself rather than the folder it is mapped to?

For example on F:\new folder(Virtual Drive letter) instead of the mapped folder on C:\ .

Currently I'm getting an "access denied" error whenever I try that.

Thanks for the help.
#18644
Posted: 01/09/2012 09:05:33
by Eugene Mayevski (EldoS Corp.)

OnGetFileSecurity and OnSetFileSecurity let you use ACL-based access control. In general, ACLs are not bound to the filesystem and you can handle both callbacks yourself without passing operations to underlying filesystem (in Mapper sample). Another question is that handling them is non-trivial, but this is outside of scope of our support - ACLs are Windows internal stuff and you should check MSDN on them.


Sincerely yours
Eugene Mayevski
#18645
Posted: 01/09/2012 09:06:44
by Eugene Mayevski (EldoS Corp.)

And by the way - having those events doesn't free you from checking security in OnCreateFile/OnOpenFile. I.e. if ACLs are employed, you need to additionally get user's security token using GetOriginatorToken() method and match it to ACLs.


Sincerely yours
Eugene Mayevski
#18657
Posted: 01/10/2012 01:19:23
by ohad (Standard support level)
Joined: 02/02/2011
Posts: 24

Thanks,I know about the extra checks in the other callbacks.

My question was more as to whether I can separate the virtual drive from its "mirror" folder in some ways,like the example I wrote above of setting permissions for a virtual folder but not its mirror counterpart,and also can I work with the virtual drive directly,like creating a directory in code,because every time I try to access the virtual drive letter itself I get an "access denied" error,is there any way to avoid it?
#18658
Posted: 01/10/2012 02:04:46
by Eugene Mayevski (EldoS Corp.)

I am not sure that I understand the question. If you need a fully virtual drive (i.e. not backed by any filesystem or other storage) - take VDisk sample, not Mapper. VDisk keeps all data in memory.


Sincerely yours
Eugene Mayevski
#18659
Posted: 01/10/2012 02:43:28
by ohad (Standard support level)
Joined: 02/02/2011
Posts: 24

The question is,if I want to keep a physical mirror,like the Mapper sample provides, can I make modifications to the virtual side while not affecting the physical side.

I was able to do that for example with file attributes.

Also another question is why can't I work on the virtual side directly,for example why do I get an "access denied" error when I try to use DriveInfo with the virtual drive letter,is there something I'm missing or is this some sort of limitation in your implementation?

Thanks
#18660
Posted: 01/10/2012 03:09:38
by Eugene Mayevski (EldoS Corp.)

Quote
greenflower wrote:
The question is,if I want to keep a physical mirror,like the Mapper sample provides, can I make modifications to the virtual side while not affecting the physical side.


You can do anything. It seems that you've bound yourself to Mapper sample and this restricts you from going further.

Quote
greenflower wrote:

Also another question is why can't I work on the virtual side directly,for example why do I get an "access denied" error when I try to use DriveInfo with the virtual drive letter,is there something I'm missing or is this some sort of limitation in your implementation?


Too little information. How is the drive letter created? What is DriveInfo? What you mean by "can't work on the virtual side directly"?


Sincerely yours
Eugene Mayevski
#18661
Posted: 01/10/2012 03:27:13
by ohad (Standard support level)
Joined: 02/02/2011
Posts: 24

Quote
You can do anything. It seems that you've bound yourself to Mapper sample and this restricts you from going further.


I understand,I was using the Mapper sample as reference since it was convenient and this is what currently our application is based upon.

Quote

Too little information. How is the drive letter created? What is DriveInfo? What you mean by "can't work on the virtual side directly"?


If I take your "clean" Mapper sample we have the following lines which add the mounting point:


Code
                mCbFs.AddMountingPoint(edtMountinPoint.Text);

                UpdateMountingPoints();


DriveInfo is a .NET class which can provide information on a drive.It is also used in your Mapper sample application as part of the OnGetVolumeSize callback implementation,the instance of the class there accepts the physical folder as parameter,but I would like to pass the edtMountinPoint.Text in this case,as parameter and then I get an error.

Same with if for example I want to create some sort of default file/folder structure upon the launch of the application I get an error if I try to use Directory.CreateDirectory() method (which I hope is self explanatory) if I pass in the virtualdriveletter:\\directory name as parameter I get an error.

I hope this makes it clearer,thanks.
#18663
Posted: 01/10/2012 03:57:08
by Eugene Mayevski (EldoS Corp.)

Quote
greenflower wrote:
I understand,I was using the Mapper sample as reference since it was convenient and this is what currently our application is based upon.


Yes, but the physical disk is just a place to store some information, the same place as in-memory streams or a database. You should not treat it as anything more than this. And virtual file system doesn't depend in any way on the physical disk.

Quote
greenflower wrote:
If I take your "clean" Mapper sample we have the following lines which add the mounting point:


It creates a file system but doesn't emulate a physical disk (the disk is mounted in non-PnP mode). But this doesn't affect your problem as you describe it further.

Quote
greenflower wrote:
DriveInfo is a .NET class which can provide information on a drive.It is also used in your Mapper sample application as part of the OnGetVolumeSize callback implementation,the instance of the class there accepts the physical folder as parameter,but I would like to pass the edtMountinPoint.Text in this case,as parameter and then I get an error.


1) Did you call DriveInfo from the callback or outside of callback?
2) Does this happen in stock Mapper sample or only in your code?
3) Are security callbacks involved? Will the problem disappear if you disable them (by detaching handlers from events, not by commenting out the code)?

Quote
greenflower wrote:
Same with if for example I want to create some sort of default file/folder structure upon the launch of the application I get an error if I try to use Directory.CreateDirectory() method (which I hope is self explanatory) if I pass in the virtualdriveletter:\\directory name as parameter I get an error.


1) Does this happen if you try to create directory from Explorer (of course on the virtual disk) or from other external process?
2) Does this happen in stock Mapper sample or only in your code?
3) Are security callbacks involved? Will the problem disappear if you disable them (by detaching handlers from events, not by commenting out the code)?


To summarize: a good question contains 80% of the answer. If you try to narrow down and analyze your problems before asking, it's very likely that you will get the answers yourself. If no, - give us the test case instead of describing what you do with words.


Sincerely yours
Eugene Mayevski
#18667
Posted: 01/10/2012 04:44:30
by ohad (Standard support level)
Joined: 02/02/2011
Posts: 24

The latest Eldos driver version I have installed is 3.2.100.247,Operating system is Windows 7 64 bit

Quote
1) Did you call DriveInfo from the callback or outside of callback?
2) Does this happen in stock Mapper sample or only in your code?
3) Are security callbacks involved? Will the problem disappear if you disable them (by detaching handlers from events, not by commenting out the code)?


1) Inside the OnGetVolumeSize callback implementation,as I wrote above.

2) I took your stock mapper sample,the only thing I changed of course is the parameter which DriveInfo() gets,the exception is then thrown as the AvailableFreeSpace property of the DriveInfo class is accessed during runtime.

3)The attachments between handlers & events were commented out,as per your stock Mapper sample I believe

Quote

1) Does this happen if you try to create directory from Explorer (of course on the virtual disk) or from other external process?
2) Does this happen in stock Mapper sample or only in your code?
3) Are security callbacks involved? Will the problem disappear if you disable them (by detaching handlers from events, not by commenting out the code)?


1)When I just try to create a directory in the Explorer externally and not programmatically everything works fine.

However if I utilize the Directory.CreateDirectory() method whether inside a callback or outside of it,I get the error.

2)Well,you don't have a situation such as this given in your stock Mapper sample,so to achieve it I added a call to Directory.CreateDirectory() in the OnCreateFile callback implementation which appears in your stock Mapper sample.

In my code I have an additional class which has a method with a call to create directories in the virtual drive.

3)In the mapper sample the situation regarding the security callbacks was the same as in number 3 above
In my code I have the security callbacks active,however for the sake of testing now I created the same situation as in the Mapper sample and the result was the same,I still get an "access denied".

Did I miss anything? Would you like a test case instead?
Thanks.
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 3114 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!