Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Detecting and preventing writing certain files (i.e .doc) to the hdd using c++.

Posted on 2007-03-22
6
Medium Priority
?
189 Views
Last Modified: 2013-11-22
I am writing an application using c++ and I have 2 questions.
a. How can I get a notification that a user is trying to write a file to the hard drive (any file and a specific file extension) ?
b. After detecting an attempt to write the file to the disk how can I prevent the operation ?
thanks.
0
Comment
Question by:iddo_shoham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 53

Expert Comment

by:Infinity08
ID: 18770313
This is certainly not a trivial thing to do.

First of all, what operating system are we talking about ?

Why do you want to use it ? There might be a better way to achieve what you want.

Usually, you can write-protect drives, directories, files for certain users. Is that sufficient ?
0
 
LVL 39

Expert Comment

by:itsmeandnobodyelse
ID: 18770378
>>>> any file and a specific file extension
Your approach will not work even if you get the wished notification. The problem is that when renaming a file you won't get a notification cause it is a change of the directory rather than a change of the file. Also moving a file from one directory to another will give no write action if the directroies were located at the same disk.

If it really makes sense to prevent people from creating files of a specific type, you should remove the programs where they can store such files or give them read-only access for all folders where they shouldn't write to.

Regards, Alex
0
 
LVL 25

Expert Comment

by:kode99
ID: 18771006
In order to do this sort of thing you will need to 'hook' into windows itself.  What this does is provide a notification which executes a callback function,  this is the 'hooked' into the OS.  So every time the OS performs a certain task your callback function will be executed.  It's kind of like writing a custom event to override a default event for a program,  except you can override windows API calls at a low level.

This is tricky business and you may need to filter through a lot of OS events to find the specific ones you want to prevent.  This can lead to performance penalties etc.

Here is a link to a toolkit for C++ and Delphi which can simplify the coding required,

http://www.madshi.net/madCodeHookDescription.htm

Also there is form and some good information about code hooking techniques,

http://help.madshi.net/madCodeHook.htm

0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 22

Expert Comment

by:grg99
ID: 18772899
It's not too hard to do, Windows provides API's for hooking file and directory operations.

That is, if the user is "friendly".  The security system in Windows makes it all too easy for a user to find these hooks and undo them.

0
 

Author Comment

by:iddo_shoham
ID: 18773502
Thanks for all of your replies.
Infinity08: the operating system is WinXp, I am writing an application that should be able to allow the administrator to prevent not admin users from saving certain file types to the hdd .
Kode99: thanks for the interesting links, can you point me to the direction to override windows API calls at a low level without using the toolkit?.
grg99: can you please elaborate, what API should I use, can you post some example code .
0
 
LVL 25

Accepted Solution

by:
kode99 earned 2000 total points
ID: 18776209
MS's documentation,

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winui/winui/windowsuserinterface/windowing/hooks.asp

Decent article that steps through it,

http://www.devsource.com/article2/0,1895,1969408,00.asp

The madshi site also contains some useful general information about hooking.

There are a crap load of hooking SDK's around but many are just a framework for the win hooking api.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question