Implications of Setup Programs and EFS

Previous page
Table of content
Next page

Implications of Setup Programs and EFS

If your users use the Encrypting File System (EFS) it is possible they have encrypted their temporary files directory, as recommended by Microsoft. You may have a little problem if your component creates temporary files in common locations such as the temporary directory, %TEMP%, and then moves them to the final location. Because the files are encrypted using the EFS key of the user account that set up the application, other users might be unable to use your program as they cannot decrypt the files and are denied access by the operating system. Setup programs should perform one of the following actions to ensure their component setup is not broken when used on systems encrypted with EFS:

  • Create your own random temporary directory

  • Create the files with the system attribute set (dwFlagsAndAttributes of CreateFile has FILE_ATTRIBUTE_SYSTEM set)

  • Detect that the %TEMP% directory is encrypted (use GetFileAttributes) and remove the encrypted bit from your files


Previous page
Table of content
Next page
Writing Secure Code
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2001
Pages: 286
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
SQL Tips & Techniques (Miscellaneous)
Documenting Software Architectures: Views and Beyond
Cisco Voice Gateways and Gatekeepers
Mapping Hacks: Tips & Tools for Electronic Cartography
Introducing Microsoft ASP.NET AJAX (Pro - Developer)
Mastering Delphi 7
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy