Opening and locking physical drives

Iâ??ve found some contradictory information regarding how a physical drive
should be opened and volume(s) locked. In this case Iâ??m trying to get
exclusive control of a floppy, which apparently behaves different than other
drives.

CreateFile docs claim that for opening a physical disk or volume
administrator privileges are required. This seems to be wrong, at least it is
definitely wrong for floppies under XP and Win 2K.

Docs also note that it should be opened with FILE_SHARE_WRITE and in other
docs both FILE_SHARE_READ and FILE_SHARE_WRITE are mentioned. I tried opening
without any sharing and it works fine. Is opening with sharing required, why?

Lastly, how exactly the system considers a handle to a floppy device? It is
a physical drive handle, a volume handle, both?

Thanks,

Maxim
Thu Apr 13 12:48:00 CDT 2006

> CreateFile docs claim that for opening a physical disk or volume
> administrator privileges are required. This seems to be wrong, at least it is
> definitely wrong for floppies under XP and Win 2K.

But this is true for fixed disks. It's obvious - if non-admins will be able to
read the disk blockwise, then what is the purpose in NTFS file ACLs? :-)

Any app which wants to lock the fixed disk, or to read it blockwise can only
run as admin. This is normal, since the task is administrative by its essense.

Even pursuing the goal of running such things as limited user is evil, since it
defeats the NT's filesystem security.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com

ijor
Sat Apr 15 12:56:02 CDT 2006

"Maxim S. Shatskih" wrote:

> > CreateFile docs claim that for opening a physical disk or volume
> > administrator privileges are required. This seems to be wrong, at least it is
> > definitely wrong for floppies under XP and Win 2K.
>
> But this is true for fixed disks. It's obvious - if non-admins will be able to
> read the disk blockwise, then what is the purpose in NTFS file ACLs? :-)
>
> Any app which wants to lock the fixed disk, or to read it blockwise can only
> run as admin. This is normal, since the task is administrative by its essense.
>
> Even pursuing the goal of running such things as limited user is evil, since it
> defeats the NT's filesystem security.

Of course, but the CreateFile documentation doesnâ??t make any distinction
between fixed disk and floppies, or between secured and unsecured file
systems for that matter. You could have an unsecured FAT partition on a hard
disk, and opening the volume as ready only should not present a security
compromise.

Anyway, I am specifically interested in floppies. Iâ??m not trying to nitpick
about minor documentation errors, just want to know about the extent of the
doc error. Can floppies always be opened and locked without admin privileges?
It depends on the exact OS? Itâ??s actually up to the floppy driver and then it
might be different with USB floppies?

David
Sat Apr 15 13:26:28 CDT 2006

If you were to think about the difference between floppies and other media
the different requirements would make sense. Other media forms do not
require real physical format just to use them and you wouldn't want to force
an administrator to come to the machine so a user could format a new floppy.
Formatting a floppy can do a real format and not just a logical format. It
does appear that the docs are misleading in that it says a normal user
cannot open a floppy drive or volume. Have you tested on disk volumes or
physical fixed disk drives? You can try WinHex since it does both types.

"ijor" <ijor@nospam.nospam> wrote in message
news:C2627D41-C05B-4B7E-B1E5-7058E18D33CF@microsoft.com...
> "Maxim S. Shatskih" wrote:
>
>> > CreateFile docs claim that for opening a physical disk or volume
>> > administrator privileges are required. This seems to be wrong, at least
>> > it is
>> > definitely wrong for floppies under XP and Win 2K.
>>
>> But this is true for fixed disks. It's obvious - if non-admins will be
>> able to
>> read the disk blockwise, then what is the purpose in NTFS file ACLs? :-)
>>
>> Any app which wants to lock the fixed disk, or to read it blockwise can
>> only
>> run as admin. This is normal, since the task is administrative by its
>> essense.
>>
>> Even pursuing the goal of running such things as limited user is evil,
>> since it
>> defeats the NT's filesystem security.
>
> Of course, but the CreateFile documentation doesn't make any distinction
> between fixed disk and floppies, or between secured and unsecured file
> systems for that matter. You could have an unsecured FAT partition on a
> hard
> disk, and opening the volume as ready only should not present a security
> compromise.
>
> Anyway, I am specifically interested in floppies. I'm not trying to
> nitpick
> about minor documentation errors, just want to know about the extent of
> the
> doc error. Can floppies always be opened and locked without admin
> privileges?
> It depends on the exact OS? It's actually up to the floppy driver and then
> it
> might be different with USB floppies?
>
>

Alexander
Sat Apr 15 14:17:04 CDT 2006

I think access to floppies are governed by "Allow format removeable media"
security policy.

"David J. Craig" <Dave@yoshimuni.com> wrote in message
news:%23d72eoLYGHA.3740@TK2MSFTNGP03.phx.gbl...
> If you were to think about the difference between floppies and other media
> the different requirements would make sense. Other media forms do not
> require real physical format just to use them and you wouldn't want to
> force an administrator to come to the machine so a user could format a new
> floppy. Formatting a floppy can do a real format and not just a logical
> format. It does appear that the docs are misleading in that it says a
> normal user cannot open a floppy drive or volume. Have you tested on disk
> volumes or physical fixed disk drives? You can try WinHex since it does
> both types.
>
> "ijor" <ijor@nospam.nospam> wrote in message
> news:C2627D41-C05B-4B7E-B1E5-7058E18D33CF@microsoft.com...
>> "Maxim S. Shatskih" wrote:
>>
>>> > CreateFile docs claim that for opening a physical disk or volume
>>> > administrator privileges are required. This seems to be wrong, at
>>> > least it is
>>> > definitely wrong for floppies under XP and Win 2K.
>>>
>>> But this is true for fixed disks. It's obvious - if non-admins will be
>>> able to
>>> read the disk blockwise, then what is the purpose in NTFS file ACLs? :-)
>>>
>>> Any app which wants to lock the fixed disk, or to read it blockwise can
>>> only
>>> run as admin. This is normal, since the task is administrative by its
>>> essense.
>>>
>>> Even pursuing the goal of running such things as limited user is evil,
>>> since it
>>> defeats the NT's filesystem security.
>>
>> Of course, but the CreateFile documentation doesn't make any distinction
>> between fixed disk and floppies, or between secured and unsecured file
>> systems for that matter. You could have an unsecured FAT partition on a
>> hard
>> disk, and opening the volume as ready only should not present a security
>> compromise.
>>
>> Anyway, I am specifically interested in floppies. I'm not trying to
>> nitpick
>> about minor documentation errors, just want to know about the extent of
>> the
>> doc error. Can floppies always be opened and locked without admin
>> privileges?
>> It depends on the exact OS? It's actually up to the floppy driver and
>> then it
>> might be different with USB floppies?
>>
>>
>
>

ijor
Mon Apr 17 13:36:01 CDT 2006

"Alexander Grigoriev" wrote:

> I think access to floppies are governed by "Allow format removeable media"
> security policy.

Interesting idea, but no. I tried and seems that setting is not affecting
standard floppies. Apparently this policy setting was renamed between Win2k
and XP, but the description in both cases (naming NTFS) suggests it was
intended for removable hard disks, or at least for high capacity floppies.