EldoS | Feel safer!

Software components for data protection, secure storage and transfer

More Vista Troubles

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#4944
Posted: 02/09/2008 18:33:33
by Anthoni Gardner (Basic support level)
Joined: 07/24/2007
Posts: 29

Hello there,

I've managed to finally get the drivers installed on Windows Vista using a manifest file (thank you to Vladimir for pointing out this and the website required, sorry if spelled name wrong).

Now when I run my code, it does not seem to want to create the .st file to be mounted. My code has not changed and it works on XP. Surely my application does not need to be also run in elevated mode? Below is my code that works perfectly well on XP, but fails to create it on Vista. Any clues ?

Code
var
  NewStorage: TSolFSStorage;

begin
  If Not fKeyReady Then
    Exit;

  Try
    //Create the initial isnazzle.isd file
    NewStorage := TSolFSStorage.Create(Nil);
    Try
      NewStorage.FileName := Browser.Drive;
      NewStorage.PageSize := 4096;
      NewStorage.Logo := 'FS';
      NewStorage.AutoCompact := 25;
      NewStorage.StorageType := stVirtualDisk;
      NewStorage.Open(somCreateAlways);
      NewStorage.SetEncryption(ecAES256_HMAC256, '', 'MY SECURITY KEY HERE');
    Finally
      FreeAndNil(NewStorage);
    End;
  Except On E: Exception Do
    XLog('[Virtual.Init] @ ' + E.Message);
  End;
#4947
Posted: 02/11/2008 01:31:21
by Volodymyr Zinin (EldoS Corp.)

Hello,

It occurs because a process that calls NewStorage.Open(somCreate­Always) doesn't have a permission to create a storage-file. You should create a storage-file only in a place where its creation is allowed. For example you can change security rights for a parent directory where a storage-file should be created.

Quote
Anthoni Gardner wrote:
My code has not changed and it works on XP.

In Vista permissions model is more paranoid.
#4956
Posted: 02/11/2008 11:07:04
by Anthoni Gardner (Basic support level)
Joined: 07/24/2007
Posts: 29

Hi Vladimir,

Quote
In Vista permissions model is more paranoid.


Haha, that is so true. Like seriously paranoid.
I solved it by including the same manifest (altered for name of course) inside the main application and now it runs perfectly. I am also going to digitally sign all the applications, setup, un-installer and the main application itself so that the user knows it hasnt been tampered with.

Hopefully this will help alleviate some anxiety on the part of the users.
Can never please them all though <grins>
#4957
Posted: 02/11/2008 11:27:36
by Eugene Mayevski (EldoS Corp.)

BTW please tell us
a) where is the file which you want to open/create located?
b) does the file exist already when you try to open it?


Sincerely yours
Eugene Mayevski
#4959
Posted: 02/11/2008 12:19:40
by Anthoni Gardner (Basic support level)
Joined: 07/24/2007
Posts: 29

Hi,

The application determines if the file has been created or not and if it has not be created it will create it and store the location of the file inside the user's appdata folder.

To determine where to place the file, my program analysis the user's hard drive and checks for the largest partition that is available (if only 1 partition then it uses that one) and creates the file there.

Upon startup, the program looks in the appdata folder to see if the file is created. If it can not find the location, it will check the partitions and then check to see if the file is there. If not create it. The file is ALWAYS stored in the root of the drive.

Hope this helps.
#4961
Posted: 02/11/2008 12:39:52
by Eugene Mayevski (EldoS Corp.)

I see. Yes, the restricted user seems not to have write access to the root folder. And probably this makes certain sense when the user accounts are managed in large companies.


Sincerely yours
Eugene Mayevski
#4962
Posted: 02/11/2008 13:03:19
by Anthoni Gardner (Basic support level)
Joined: 07/24/2007
Posts: 29

Agreed, wholeheartedly.

However, as my application is designed for general users then this does not really matter as much.
Yes some people will perceive it as a security threat and that is why all the applications will be digitally signed. That way, when Vista does show the elevated prompt, it shows a special one for digitally signed code. (At least according to the sources I've read, it does).

Hopefully this will, like I said, alleviate some anxiety on the users part.
Also it will be well documented in our help section of the site (eventually, when I get to it).

Thanks for your input thus for, from both of you.
It has been greatly appreciated.
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.

Reply

Statistics

Topic viewed 5136 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!