EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
Posted: 05/06/2016 02:58:43
by naohiro mizutani (Priority Standard support level)
Joined: 04/27/2016
Posts: 4


I have a question about the newly added "CbFsHandleInfo.GetCreatorToken".

What is the difference between the behavior of the "CbFsHandleInfo.GetCreatorToken" and "CallbackFileSystem.getOriginatorToken"?
If, whether it is better that the behavior is replaced if it is the same?

Thank you.

Best Regards,
naohiro mizutani
Posted: 05/06/2016 03:47:02
by Volodymyr Zinin (EldoS Corp.)

Usually it is the same. But there can be a rare situation when the handle is opened by one thread but then another thread (which is impersonated) uses the obtained handle to work with the file. In that case GetCreatorToken specifies a token for the thread (or for the whole process if the thread isn't impersonated) which opened the file, and GetOriginatorToken returns a token for the thread which is originator of the current callback.
In the case of the OnCreate and OnOpen callback both methods (GetCreatorToken and GetOriginatorToken) return the same token. And usually it is enough to check security restriction only in these callbacks. If these callbacks return error (ERROR_ACCESS_DENIED or another) than the originator of the file create/open request doesn't obtain a handle for the file and therefore won't be able to do any operations on it.



Topic viewed 1043 times

Number of guests: 2, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!