Solved

How do you secure Windows objects using C++?

Posted on 2007-11-20
Last Modified: 2013-12-14
Hi, I am currently working on a project which is an investigation into Windows file security. The aim of the project is to develop a user-friendly application which allows users to password protect objects such as files/folders/applications on a Windows operating system. I have done some studying into this type of application and I believe the key is to intercept Windows Hooks in order to divert the call to my application whenever a protected object is accessed. Could anyone help me out with some sample code that demonstrates the basics of how I can configure a Security Descriptor to block access and apply it to an object? And some sample code of how to intercept Windows Hooks? Or even any information that concerns this type of project.

Thanks,

James.
Question by:sheishmaster
7 Comments
 
LVL 86

Assisted Solution

by:jkr
jkr earned 1200 total points
ID: 20325431
'BuildExplicitAccessWithName()' is an API for that (along with several others), e.g.

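    #include <windows.h>
    #include <aclapi.h>   // GetNamedSecurityInfo, SetEntriesInAcl, SetNamedSecurityInfo

    #pragma comment(lib, "advapi32.lib")

    int main()
    {
        // Writable TCHAR buffers: the ACL APIs take non-const LPTSTR arguments
        TCHAR FileName[] = TEXT("C:\\Temp\\MyDir\\SomeFile.txt");
        TCHAR TrusteeName[] = TEXT("Everyone");

        DWORD AccessMask = GENERIC_ALL;
        DWORD InheritFlag = CONTAINER_INHERIT_ACE;
        ACCESS_MODE option = GRANT_ACCESS;
        EXPLICIT_ACCESS explicitaccess;

        PACL ExistingDacl = NULL;
        PACL NewAcl = NULL;
        PSECURITY_DESCRIPTOR psd = NULL;

        DWORD dwError;

        //
        // read the object's current DACL
        //

        dwError = GetNamedSecurityInfo(
                            FileName,
                            SE_FILE_OBJECT,
                            DACL_SECURITY_INFORMATION,
                            NULL,
                            NULL,
                            &ExistingDacl,
                            NULL,
                            &psd
                            );
        if (dwError != ERROR_SUCCESS)
            return (int)dwError;

        //
        // describe the entry (trustee, rights, mode, inheritance) to add
        //

        BuildExplicitAccessWithName(
                &explicitaccess,
                TrusteeName,
                AccessMask,
                option,
                InheritFlag
                );

        //
        // add specified access to the object
        //

        dwError = SetEntriesInAcl(
                1,
                &explicitaccess,
                ExistingDacl,
                &NewAcl
                );

        //
        // apply new security to file
        //

        if (dwError == ERROR_SUCCESS)
        {
            dwError = SetNamedSecurityInfo(
                            FileName,
                            SE_FILE_OBJECT, // object type
                            DACL_SECURITY_INFORMATION,
                            NULL,
                            NULL,
                            NewAcl,
                            NULL
                            );
        }

        //
        // both buffers were allocated by the API and are released with LocalFree
        //

        if (NewAcl != NULL)
            LocalFree(NewAcl);
        if (psd != NULL)
            LocalFree(psd);

        return (int)dwError;
    }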

(This is a stripped down version of the MS' AclAPI sample)
0
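Added example, not part of jkr's post or the Microsoft sample: a portable C++ model of how a DACL is evaluated, showing that the GRANT_ACCESS entry above blocks nobody and what an entry built with DENY_ACCESS changes. The `Ace`/`Dacl` types, the three-bit rights, the helper functions and the trustee names are simplified assumptions, not Win32 structures.

```cpp
#include <cstdint>
#include <iostream>
#include <set>
#include <string>
#include <vector>

// Simplified model of a DACL (illustrative types, not the Win32 ACL/ACE layout).
enum class AceType { Allow, Deny };
struct Ace { AceType type; std::string trustee; uint32_t mask; };
using Dacl = std::vector<Ace>;
constexpr uint32_t kRead = 1, kWrite = 2, kExecute = 4, kAll = 7;

// Insert in canonical order: deny ACEs go ahead of every allow ACE.
Dacl addAce(Dacl dacl, const Ace& ace) {
    auto pos = dacl.begin();
    if (ace.type == AceType::Allow)
        while (pos != dacl.end() && pos->type == AceType::Deny) ++pos;
    dacl.insert(pos, ace);
    return dacl;
}

// Walk the ACEs in order: a matching deny of a still-needed right refuses at
// once; matching allows clear rights until nothing is left to grant.
bool accessCheck(const Dacl& dacl, const std::set<std::string>& tokenSids, uint32_t desired) {
    uint32_t remaining = desired;
    for (const Ace& ace : dacl) {
        if (!tokenSids.count(ace.trustee)) continue;   // ACE is for someone else
        if (ace.type == AceType::Deny) {
            if (ace.mask & remaining) return false;
        } else {
            remaining &= ~ace.mask;
        }
        if (remaining == 0) return true;
    }
    return false;   // rights never allowed are refused; an empty DACL denies all
}

// Constructed tokens: both users are members of Everyone.
const std::set<std::string> kAlice = {"alice", "Everyone"};
const std::set<std::string> kBob = {"bob", "Everyone"};

Dacl grantEveryone() { return addAce({}, {AceType::Allow, "Everyone", kAll}); }
Dacl grantThenDenyAlice() { return addAce(grantEveryone(), {AceType::Deny, "alice", kRead | kWrite}); }

int main() {
    std::cout << std::boolalpha
              << "grant only, alice reads: " << accessCheck(grantEveryone(), kAlice, kRead) << "\n"
              << "deny added, alice reads: " << accessCheck(grantThenDenyAlice(), kAlice, kRead) << "\n"
              << "deny added, bob reads:   " << accessCheck(grantThenDenyAlice(), kBob, kRead) << "\n";
}
```

The order of entries decides the result: a list built by hand with the allow entry ahead of the deny entry lets the allow match first.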
 
LVL 2

Author Comment

by:sheishmaster
ID: 20325860
Hi, thanks for your response. Are there any files I must include to compile this code? And also, do you know anything about intercepting Windows hooks?

Thanks,

James.
0
 
LVL 11

Assisted Solution

by:Deepu Abraham
Deepu Abraham earned 800 total points
ID: 20326165
0
 
LVL 11

Assisted Solution

by:Deepu Abraham
Deepu Abraham earned 800 total points
ID: 20326177
0
 
LVL 86

Expert Comment

by:jkr
ID: 20330271
>>are there any files I must include to compile this code?

'aclapi.h' is necessary. What do you need to know about hooks in that context and what objects do you want to secure in particular?
0
 
LVL 2

Author Comment

by:sheishmaster
ID: 20330324
jkr: The objects I am looking to secure are files/folders and applications. So I want to use Windows Hooks to intercept a call whenever a user tries to access any of these objects that are protected, to direct the user to my application, which will prompt them for a password.

If this doesn't sound like a simple way to do it, could you suggest a better way or even some advice on ways of doing it?

Thanks,

James.
0
 
LVL 86

Accepted Solution

by:jkr
jkr earned 1200 total points
ID: 20330366
Well, in that case, you should not go for Windows hooks, but for API hooks to intercept function calls. Take a look at http://www.windowsitlibrary.com/Content/356/06/2.html ("Hooking Windows NT System Services") and http://www.codeproject.com/system/hooksys.asp ("API hooking revealed"). In a nutshell, you'd intercept the file API calls, check the file's name and then pop up your password dialog. In case of success, you'd forward the call to the original API or return an error code otherwise.
0
