Solved

How do you secure Windows objects using C++?

Posted on 2007-11-20
Last Modified: 2013-12-14
Hi, I am currently working on a project which is an investigation into Windows file security. The aim of the project is to develop a user-friendly application which allows users to password protect objects such as files/folders/applications on a Windows operating system. I have done some studying into this type of application and I believe the key is to intercept Windows Hooks in order to divert the call to my application whenever a protected object is accessed. Could anyone help me out with some sample code that demonstrates the basics of how I can configure a Security Descriptor to block access and apply it to an object? And some sample code of how to intercept Windows Hooks? Or even any information that concerns this type of project.

Thanks,

James.
Question by:sheishmaster
LVL 86

Assisted Solution

by:jkr
jkr earned 300 total points
ID: 20325431
'BuildExplicitAccessWithName()' is an API for that (along with several others), e.g.

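    #include <windows.h>
    #include <aclapi.h>

    int main(void)
    {
        // writable TCHAR buffers: BuildExplicitAccessWithName() takes a
        // non-const LPTSTR, and TEXT() keeps UNICODE builds compiling
        TCHAR FileName[] = TEXT("C:\\Temp\\MyDir\\SomeFile.txt");
        TCHAR TrusteeName[] = TEXT("Everyone");

        DWORD AccessMask = GENERIC_ALL;
        DWORD InheritFlag = CONTAINER_INHERIT_ACE;
        ACCESS_MODE option = GRANT_ACCESS;
        EXPLICIT_ACCESS explicitaccess;

        PACL ExistingDacl = NULL;
        PACL NewAcl = NULL;
        PSECURITY_DESCRIPTOR psd = NULL;

        DWORD dwError;

        //
        // read the object's current DACL
        //

        dwError = GetNamedSecurityInfo(
                            FileName,
                            SE_FILE_OBJECT,
                            DACL_SECURITY_INFORMATION,
                            NULL,
                            NULL,
                            &ExistingDacl,
                            NULL,
                            &psd
                            );

        if (dwError != ERROR_SUCCESS)
            return (int)dwError;

        //
        // describe the entry: trustee, access mask, access mode, inheritance
        //

        BuildExplicitAccessWithName(
                &explicitaccess,
                TrusteeName,
                AccessMask,
                option,
                InheritFlag
                );

        //
        // add specified access to the object
        //

        dwError = SetEntriesInAcl(
                1,
                &explicitaccess,
                ExistingDacl,
                &NewAcl
                );

        //
        // apply new security to file
        //

        if (dwError == ERROR_SUCCESS)
        {
            dwError = SetNamedSecurityInfo(
                            FileName,
                            SE_FILE_OBJECT, // object type
                            DACL_SECURITY_INFORMATION,
                            NULL,
                            NULL,
                            NewAcl,
                            NULL
                            );
        }

        //
        // both buffers were allocated by the API and are released with LocalFree()
        // (ExistingDacl points into psd and is not freed separately)
        //

        if (NewAcl != NULL)
            LocalFree(NewAcl);
        if (psd != NULL)
            LocalFree(psd);

        return (int)dwError;
    }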

(This is a stripped down version of the MS' AclAPI sample)
0
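The answer above edits the DACL with GRANT_ACCESS; the question asks how to block access, which the same APIs do with a deny entry (DENY_ACCESS). The following added example (not part of the thread, and not Win32 code) is a simplified portable C++ model of how a DACL is evaluated, showing why an allow entry for Everyone blocks nothing and why a deny entry only takes effect when it sits ahead of the allow entries, which is where SetEntriesInAcl places new deny entries. The trustee names, the access bits and the functions `access_check` and `canonical` are assumptions made for the model.

```cpp
// Added example: simplified model of DACL evaluation (not the Win32 API).
#include <algorithm>
#include <cstdint>
#include <iostream>
#include <set>
#include <string>
#include <vector>

enum class AceType { Allow, Deny };
struct Ace { AceType type; std::string trustee; uint32_t mask; };
using Dacl = std::vector<Ace>;

// Constructed access bits for the model; not the real FILE_* constants.
constexpr uint32_t READ = 0x1, WRITE = 0x2, ALL = 0x7;

// dacl == nullptr models a NULL DACL (everything granted);
// an empty Dacl grants nothing. Owner rights and privileges are not modelled.
bool access_check(const Dacl* dacl, const std::set<std::string>& token,
                  uint32_t desired) {
    if (!dacl) return true;
    uint32_t remaining = desired;              // requested bits not yet granted
    for (const Ace& ace : *dacl) {
        if (remaining == 0) break;             // everything granted already
        if (!token.count(ace.trustee)) continue;
        if (ace.type == AceType::Deny) {
            if (ace.mask & remaining) return false;  // a needed bit is denied
        } else {
            remaining &= ~ace.mask;            // allow ACE grants these bits
        }
    }
    return remaining == 0;                     // leftover bits: implicit deny
}

// Canonical order: deny ACEs ahead of allow ACEs, relative order preserved.
Dacl canonical(Dacl d) {
    std::stable_partition(d.begin(), d.end(),
        [](const Ace& a) { return a.type == AceType::Deny; });
    return d;
}

int main() {
    const std::set<std::string> alice = {"alice", "Everyone"};  // constructed token
    Dacl grant_only = {{AceType::Allow, "Everyone", ALL}};
    Dacl misordered = {{AceType::Allow, "Everyone", ALL},
                       {AceType::Deny, "alice", WRITE}};
    Dacl ordered = canonical(misordered);
    std::cout << std::boolalpha
              << "allow Everyone only, write: " << access_check(&grant_only, alice, WRITE) << '\n'
              << "deny after allow, write:    " << access_check(&misordered, alice, WRITE) << '\n'
              << "deny before allow, write:   " << access_check(&ordered, alice, WRITE) << '\n'
              << "deny before allow, read:    " << access_check(&ordered, alice, READ) << '\n';
}
```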
 
LVL 2

Author Comment

by:sheishmaster
ID: 20325860
Hi, thanks for your response. Are there any files I must include to compile this code? Also, do you know anything about intercepting Windows hooks?

Thanks,

James.
0
 
LVL 11

Assisted Solution

by:DeepuAbrahamK
DeepuAbrahamK earned 200 total points
ID: 20326165
0
 
LVL 11

Assisted Solution

by:DeepuAbrahamK
DeepuAbrahamK earned 200 total points
ID: 20326177
0
 
LVL 86

Expert Comment

by:jkr
ID: 20330271
>>are there any files I must include to compile this code?

'aclapi.h' is necessary. What do you need to know about hooks in that context and what objects do you want to secure in particular?
0
 
LVL 2

Author Comment

by:sheishmaster
ID: 20330324
jkr: The objects I am looking to secure are files/folders and applications. So I want to use Windows Hooks to intercept the call whenever a user tries to access any of these objects that are protected, and direct the user to my application, which will prompt them for a password.

If this doesn't sound like a simple way to do it, could you suggest a better way or even some advice on ways of doing it?

Thanks,

James.
0
 
LVL 86

Accepted Solution

by:jkr
jkr earned 300 total points
ID: 20330366
Well, in that case, you should not go for Windows hooks, but for API hooks to intercept function calls. Take a look at http://www.windowsitlibrary.com/Content/356/06/2.html ("Hooking Windows NT System Services") and http://www.codeproject.com/system/hooksys.asp ("API hooking revealed"). In a nutshell, you'd intercept the file API calls, check the file's name and then pop up your password dialog. In case of success, you'd forward the call to the original API or return an error code otherwise.
0
