There's no way to tell what security new files should be created with
See original GitHub issueIn my VFS, I’ve got what seems to be a better implementation of GetFileSecurity
and SetFileSecurity
than the Mirror sample includes, meaning that I get closer results to what winfstest expects in the 10.t
(security and permissions) test set. However, it attempts to create new files with specific DACLs, and this information is not relayed to me via Dokan.NET, so I’m limited in what I can do to resolve this.
If a FileSystemSecurity
object was passed to CreateFile
, then I could get this set of tests to pass (and provide the necessary changes to the mirror sample).
Issue Analytics
- State:
- Created 6 years ago
- Reactions:1
- Comments:14 (13 by maintainers)
Top Results From Across the Web
Any way to tell who modified files? - IT Security
Yes, this can be solved with file auditing for sure and it's the most reliable way, because other methods, such as track change...
Read more >Take response actions on a file in Microsoft Defender ...
Take response actions on file-related alerts by stopping and quarantining a file or blocking a file and checking activity details.
Read more >Trusted documents
Learn what trusted documents are and how to change the options. ... In addition, you can turn off the feature by clicking No...
Read more >Chapter 6 -- Information Security, from Safeguarding Your ...
Use "key identifiers" to link segregated information : If record information is maintained in a segregated manner (e.g., testing files are kept in...
Read more >Linux file permissions explained | Enable Sysadmin
It first checks to see whether you are the user that owns the file. If so, then you are granted the user owner's...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I’m currently busy with being behind on a final-year university project (the thing I’m making my VFS for), so much as I’d like to, I don’t have a huge amount of time to go investigating a perfect solution to all the interesting issues of open-source projects I find, unfortunately. It might go on my long list of things to do once I graduate.
Additionally, I’m having issues unsetting the
SE_DACL_AUTO_INHERITED
security descriptor control flag from within C#. It lets me change it for FileSystemSecurity objects, but when I write them to disk and read them back, the flag hasn’t changed. I’m getting the impression that this is because this flag can only be modified by a separate function in the raw Win32 API, and that function isn’t exposed to C#.I’m also not sure how big an issue this actually is. I think the effective access I’m getting is the same, but it’s enough to upset winfstest, and enough for me to feel it’s not quite ready for a PR.
Maybe it would be a good idea for Dokan.NET to provide helper functions which wrap behaviour which VFSes are likely to need, but can’t get in C#.
@Liryna, @AnyOldName3 I know nothing about file security, but I’ll try to to learn and see what I can do.