Permenet Lock?

This is a discussion on Permenet Lock? within the Windows Programming forums, part of the Platform Specific Boards category; LockFile () will only lock a file for the duration of the locking proccess, is there a way I can ...

  1. #1
    Registered User Queatrix's Avatar
    Join Date
    Apr 2005
    Posts
    1,342

    Permenet Lock?

    LockFile() will only lock a file for the duration of the locking proccess, is there a way I can lock a file for good? (With out encrypting it.)

  2. #2
    C++ Developer XSquared's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada
    Posts
    2,718
    Why do you need to lock a file "for good"? Also, read locks, write locks or both? And do you want it to stay locked across reboots?
    Naturally I didn't feel inspired enough to read all the links for you, since I already slaved away for long hours under a blistering sun pressing the search button after typing four whole words! - Quzah

    You. Fetch me my copy of the Wall Street Journal. You two, fight to the death - Stewie

  3. #3
    Registered User Queatrix's Avatar
    Join Date
    Apr 2005
    Posts
    1,342
    I wanna block all access to the file, and keep it that way across reboots.

  4. #4
    C++ Developer XSquared's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada
    Posts
    2,718
    Wouldn't deleting the file have the same effect?
    Naturally I didn't feel inspired enough to read all the links for you, since I already slaved away for long hours under a blistering sun pressing the search button after typing four whole words! - Quzah

    You. Fetch me my copy of the Wall Street Journal. You two, fight to the death - Stewie

  5. #5
    Registered User Queatrix's Avatar
    Join Date
    Apr 2005
    Posts
    1,342
    Well, not all access, just reading and writing. And I want to be abe to unlock it later. So it's still far from deleting it.

  6. #6
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,189
    look at the example project called 'TAKEOWN', its from VC++ 4.0 so its an older example, btu it details how to change a files security settings. I actually had to use it to force a file unlocked. seems Asheron's Call 2 beta crashed during install and left the file permanently locked even to an admin account. So yes, its possible somehow to do it, although im not entirely sure of the exact method. Im sure since takeown unlocked it, it should let you relock it using appropriate modifications to the function calls.
    Until you can build a working general purpose reprogrammable computer out of basic components from radio shack, you are not fit to call yourself a programmer in my presence. This is cwhizard, signing off.

  7. #7
    Registered User Queatrix's Avatar
    Join Date
    Apr 2005
    Posts
    1,342
    I can't find a download (did find a help page on it though), know where I can download it? (and it's source?)

  8. #8
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,189
    This is for educational purposes only, please do not copy and paste the code.

    Code:
    /******************************************************************************\
    *       This is a part of the Microsoft Source Code Samples. 
    *       Copyright (C) 1993-1997 Microsoft Corporation.
    *       All rights reserved. 
    *       This source code is only intended as a supplement to 
    *       Microsoft Development Tools and/or WinHelp documentation.
    *       See these sources for detailed information regarding the 
    *       Microsoft samples programs.
    \******************************************************************************/
    /*++
    Module Name:
        Takeown.c
    Abstract:
        Implements a recovery scheme to give an Administrator access to a 
        file that has been denied to all.  
    Environment:
        Must be run from an Administrator account in order to perform 
        reliably.  
    --*/
    #include <windows.h>
    #include <stdio.h>
    #include <malloc.h>
    BOOL
    AssertTakeOwnership(
        HANDLE TokenHandle
        );
    BOOL
    GetTokenHandle(
        PHANDLE TokenHandle
        );
    BOOL
    VariableInitialization();
     
    
    PSID AliasAdminsSid = NULL;
    PSID SeWorldSid;
    static SID_IDENTIFIER_AUTHORITY    SepNtAuthority = SECURITY_NT_AUTHORITY;
    static SID_IDENTIFIER_AUTHORITY    SepWorldSidAuthority   = SECURITY_WORLD_SID_AUTHORITY;
     
    
    void main (int argc, char *argv[])
    {
    
        BOOL Result;
        LPSTR lpFileName;
        SECURITY_DESCRIPTOR SecurityDescriptor;
        HANDLE TokenHandle;
    
        //
        // We expect a file...
        //
        if (argc <= 1) {
            printf("Must specify a file name");
            return;
        }
    
        lpFileName = argv[1];
    
        Result = VariableInitialization();
        if ( !Result ) {
            printf("Out of memory\n");
            return;
        }
     
    
        Result = GetTokenHandle( &TokenHandle );
        if ( !Result ) {
            //
            // This should not happen
            //
            printf("Unable to obtain the handle to our token, exiting\n");
            return;
        }
     
     
    
        //
        // Attempt to put a NULL Dacl on the object
        //
        InitializeSecurityDescriptor( &SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION );
    
        Result = SetSecurityDescriptorDacl (
                     &SecurityDescriptor,
                     TRUE,
                     NULL,
                     FALSE
                     );
     
        if ( !Result ) {
            printf("SetSecurityDescriptorDacl failed, error code = &#37;d\n", GetLastError());
            printf("Exiting\n");
            return;
        }
        Result = SetFileSecurity(
                     lpFileName,
                     DACL_SECURITY_INFORMATION,
                     &SecurityDescriptor
                     );
        if ( Result ) {
            printf("Successful, protection removed\n");
            return;
        } 
    
        //
        // That didn't work.
        //
    
        //
        // Attempt to make Administrator the owner of the file.
        //
    
        Result = SetSecurityDescriptorOwner (
                     &SecurityDescriptor,
                     AliasAdminsSid,
                     FALSE
                     );
        if ( !Result ) {
            printf("SetSecurityDescriptorOwner failed, lasterror = %d\n", GetLastError());
            return;
        }
    
        Result = SetFileSecurity(
                     lpFileName,
                     OWNER_SECURITY_INFORMATION,
                     &SecurityDescriptor
                     );
        if ( !Result ) {
    
            //
            // That didn't work either.
            //
     
            //
            // Assert TakeOwnership privilege, then try again.  Note that
            // since the privilege is only enabled for the duration of 
            // this process, we don't have to worry about turning it off
            // again.
            //
            Result = AssertTakeOwnership( TokenHandle );
            if ( !Result ) {
                printf("Could not enable SeTakeOwnership privilege\n");
                printf("Log on as Administrator and try again\n");
                return;
            }
    
            Result = SetFileSecurity(
                         lpFileName,
                         OWNER_SECURITY_INFORMATION,
                         &SecurityDescriptor
                         );
            if ( !Result ) {
                printf("Unable to assign Administrator as owner\n");
                printf("Log on as Administrator and try again\n");
                return;
            }
        }
        //
        // Try to put a benign DACL onto the file again
        //
        Result = SetFileSecurity(
                     lpFileName,
                     DACL_SECURITY_INFORMATION,
                     &SecurityDescriptor
                     );
        if ( !Result ) {
            //
            // This should not happen.
            //
            printf("SetFileSecurity unexpectedly failed, error code = %d\n", GetLastError());
        } else {
            printf("Successful, protection removed\n");
            return;
        }
    }
     
     
    BOOL
    GetTokenHandle(
        PHANDLE TokenHandle
        )
    //
    // This routine will open the current process and return
    // a handle to its token.
    //
    // These handles will be closed for us when the process
    // exits.
    //
    {
        HANDLE ProcessHandle;
        BOOL Result;
        ProcessHandle = OpenProcess(
                            PROCESS_QUERY_INFORMATION,
                            FALSE,
                            GetCurrentProcessId()
                            );
        if ( ProcessHandle == NULL ) {
            //
            // This should not happen
            //
            return( FALSE );
        }
    
        Result = OpenProcessToken (
                     ProcessHandle,
                     TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                     TokenHandle
                     );
        if ( !Result ) {
            //
            // This should not happen
            //
            return( FALSE );
        }
        return( TRUE );
    }
    
    BOOL
    AssertTakeOwnership(
        HANDLE TokenHandle
        )
    //
    // This routine turns on SeTakeOwnershipPrivilege in the current
    // token.  Once that has been accomplished, we can open the file
    // for WRITE_OWNER even if we are denied that access by the ACL
    // on the file.
    {
        LUID TakeOwnershipValue;
        BOOL Result;
        TOKEN_PRIVILEGES TokenPrivileges;
    
        //
        // First, find out the value of TakeOwnershipPrivilege
        //
    
        Result = LookupPrivilegeValue(
                     NULL,
                     "SeTakeOwnershipPrivilege",
                     &TakeOwnershipValue
                     );
        if ( !Result ) {
            //
            // This should not happen
            //
            printf("Unable to obtain value of TakeOwnership privilege\n");
            printf("Error = %d\n",GetLastError());
            printf("Exiting\n");
            return FALSE;
        }
        //
        // Set up the privilege set we will need
        //
        TokenPrivileges.PrivilegeCount = 1;
        TokenPrivileges.Privileges[0].Luid = TakeOwnershipValue;
        TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
     
    
        (VOID) AdjustTokenPrivileges (
                    TokenHandle,
                    FALSE,
                    &TokenPrivileges,
                    sizeof( TOKEN_PRIVILEGES ),
                    NULL,
                    NULL
                    );
        if ( GetLastError() != NO_ERROR ) {
            return( FALSE );
        } else {
            return( TRUE );
        }
    }
     
    BOOL
    VariableInitialization()
    //
    // Create some useful SIDs.
    //
    {
        BOOL Result;
        Result = AllocateAndInitializeSid(
                     &SepNtAuthority,
                     2,
                     SECURITY_BUILTIN_DOMAIN_RID,
                     DOMAIN_ALIAS_RID_ADMINS,
                     0,
                     0,
                     0,
                     0,
                     0,
                     0,
                     &AliasAdminsSid
                     );
        if ( !Result ) {
            return( FALSE );
        }
    
        Result = AllocateAndInitializeSid(
                     &SepWorldSidAuthority,
                     1,
                     SECURITY_WORLD_RID,
                     0,
                     0,
                     0,
                     0,
                     0,
                     0,
                     0,
                     &SeWorldSid
                     );
        if ( !Result ) {
            return( FALSE );
        }
        return( TRUE );
    }
    Last edited by abachler; 06-26-2007 at 08:58 AM.
    Until you can build a working general purpose reprogrammable computer out of basic components from radio shack, you are not fit to call yourself a programmer in my presence. This is cwhizard, signing off.

  9. #9
    Registered User Queatrix's Avatar
    Join Date
    Apr 2005
    Posts
    1,342
    Thanks, do you have a link to the page you got this from?

    >> This is for educational purposes only, please do not copy and paste the code.
    Hmm, what good is it then? If your worried I'm going to pirate it, I'm not. if I need somthing it does I'll just duplicate the method (use of functions ect.), thats all, it'd totally be my own code.

  10. #10
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,189
    Personally I couldnt care less if you copy it or not, I just dont want anyone (MS) getting upset that I posted code from their examples without 'permission'.
    Until you can build a working general purpose reprogrammable computer out of basic components from radio shack, you are not fit to call yourself a programmer in my presence. This is cwhizard, signing off.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 33
    Last Post: 05-14-2009, 11:15 AM
  2. lock needed in this scenario?
    By George2 in forum C# Programming
    Replies: 1
    Last Post: 05-25-2008, 08:22 AM
  3. read write lock in C#
    By George2 in forum C# Programming
    Replies: 0
    Last Post: 04-16-2008, 09:49 AM
  4. Atomic Operations
    By Elysia in forum Windows Programming
    Replies: 27
    Last Post: 03-27-2008, 03:38 AM
  5. nested lock?
    By George2 in forum C# Programming
    Replies: 2
    Last Post: 03-23-2008, 09:33 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21