- UAC / explorer process / DeviceIoControl
- Posted by usfinecats on August 15th, 2007
I have a shell extension com server dll that of course runs in the explorer
process. In the past I've communicated from this to a file system filter
in the kernel.
Now I am getting access denied (5) errors when I call createfile() to open
the device for DeviceIoControl(). I simply need to read some status info
from the filter.
How can I get around this????
--
Gak -
Finecats
- Posted by Maxim S. Shatskih on August 16th, 2007
Your device object has too tight security attributes.
Look at IoCreateDeviceSecure
--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com
"usfinecats" <usfinecats@nospam.nospam> wrote in message
news:1DC98558-5196-4060-83A6-7A5750E3F2D8@microsoft.com...
- Posted by John Hensley on August 17th, 2007
Microsoft explains the correct way to do this in the white pager "User-Mode
Interactions: Guidelines for Kernel-Mode Drivers". You can get it here:
http://www.microsoft.com/whdc/driver...M-UMGuide.mspx
--
John Hensley
www.resqware.com
"usfinecats" wrote:
- Posted by usfinecats on August 17th, 2007
I understood what you suggested, and in fact had already create the device
with
L"D:P(A;;GRGW;;;WD)(A;;GA;;;SY)) as the SddlString.
Yet sadly this did not work. No I'm no expert at this by any means, but
this gave access to other exe's, just not the Explorer process. What should
this string be???
--
Gak -
Finecats
"Maxim S. Shatskih" wrote:
- Posted by Pavel Lebedinsky [MSFT] on August 18th, 2007
"usfinecats" wrote:
This looks like it should work. Can you dump the token of the calling
thread at the point where CreateFile is called (using !token in cdb/windbg)?
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
