Can I make a file accessible to write under IE protected mode by setting the file to low integrity level

  • Question

  • We have an IE add-on component that needs to write some data to a log file under the C:\ProgramData\MyFolder folder. We hope it can work under IE protected mode too, but right now it only works when IE is not in protected mode. I understand that only some special folders (\Users\$USER$\AppData\Local\Microsoft\Windows\Temporary Internet Files, \Users\$USER$\AppData\Local\Microsoft\Windows\History) are accessible to IE in protected mode for security reasons. After reading the article below
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/IETechCol/dnwebgen/ProtectedMode.asp

    I tried to lower the integrity level of the resource (the file and its parent folders) to low with the following code, and the
    SetNamedSecurityInfo call returns S_OK.
    But I could not create a new file or write any data into the existing file by using the CreateFile and WriteFile calls, though the two functions return a valid handle and TRUE respectively. Please let me know what could be wrong. Thanks a lot!
    #include <windows.h>
    #include <sddl.h>
    #include <AccCtrl.h>
    #include <Aclapi.h>

    // The LABEL_SECURITY_INFORMATION SDDL SACL to be set for low integrity
    #define LOW_INTEGRITY_SDDL_SACL_W L"S:(ML;;NW;;;LW)"

    void SetLowLabelToFile()
    {
        DWORD dwErr = ERROR_SUCCESS;
        PSECURITY_DESCRIPTOR pSD = NULL;

        PACL pSacl = NULL; // not allocated; points into pSD
        BOOL fSaclPresent = FALSE;
        BOOL fSaclDefaulted = FALSE;
        LPCWSTR pwszFileName = L"C:\\ProgramData\\MyFolder\\MyLog.log";

        // Build a security descriptor that holds only the low-integrity label
        if (ConvertStringSecurityDescriptorToSecurityDescriptorW(
                LOW_INTEGRITY_SDDL_SACL_W, SDDL_REVISION_1, &pSD, NULL))
        {
            if (GetSecurityDescriptorSacl(pSD, &fSaclPresent, &pSacl,
                                          &fSaclDefaulted))
            {
                // Note that psidOwner, psidGroup, and pDacl are
                // all NULL and set the new LABEL_SECURITY_INFORMATION
                dwErr = SetNamedSecurityInfoW((LPWSTR) pwszFileName,
                    SE_FILE_OBJECT, LABEL_SECURITY_INFORMATION,
                    NULL, NULL, NULL, pSacl);
            }
            LocalFree(pSD);
        }
    }
    Thursday, March 1, 2007 1:24 AM
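
The SDDL string in the question, `S:(ML;;NW;;;LW)`, is a single mandatory-label ACE. The block below is an added example, not code from the original post: portable C with no Windows API calls that decodes such a string and models only the integrity-level part of a write check. `parse_label`, `write_passes_label` and `UNLABELED` are hypothetical names chosen for this illustration.

```c
#include <stdio.h>
#include <string.h>
/* Integrity levels, as the RID of the S-1-16-<RID> label SID. */
enum { IL_LOW = 0x1000, IL_MEDIUM = 0x2000, IL_HIGH = 0x3000, IL_SYSTEM = 0x4000 };
struct label { int level, no_write_up, no_read_up, no_exec_up; };
static const struct { const char *sid; int level; } LEVELS[] = {
    {"LW", IL_LOW}, {"ME", IL_MEDIUM}, {"HI", IL_HIGH}, {"SI", IL_SYSTEM} };
/* An object with no label ACE is treated as medium integrity, no-write-up. */
static const struct label UNLABELED = { IL_MEDIUM, 1, 0, 0 };

/* Parse a SACL string holding exactly one mandatory-label ACE, such as
   "S:(ML;;NW;;;LW)". Returns 0 on success, -1 on any other form. */
int parse_label(const char *sddl, struct label *out)
{
    char buf[64], *f[6], *p;
    size_t n = strlen(sddl);
    int i = 0;
    if (n < 5 || n - 4 >= sizeof buf || strncmp(sddl, "S:(", 3) || sddl[n - 1] != ')')
        return -1;
    memcpy(buf, sddl + 3, n - 4);      /* ACE body between "S:(" and ")" */
    buf[n - 4] = '\0';
    /* Fields: type;flags;rights;object_guid;inherit_guid;sid (some empty). */
    for (f[i++] = p = buf; *p; p++)
        if (*p == ';') { if (i == 6) return -1; *p = '\0'; f[i++] = p + 1; }
    if (i != 6 || strcmp(f[0], "ML") != 0)
        return -1;
    memset(out, 0, sizeof *out);
    for (p = f[2]; *p; p += 2) {       /* rights: two-letter policy codes */
        if (!strncmp(p, "NW", 2)) out->no_write_up = 1;
        else if (!strncmp(p, "NR", 2)) out->no_read_up = 1;
        else if (!strncmp(p, "NX", 2)) out->no_exec_up = 1;
        else return -1;
    }
    for (i = 0; i < 4; i++)
        if (!strcmp(f[5], LEVELS[i].sid)) { out->level = LEVELS[i].level; return 0; }
    return -1;
}

/* Mandatory integrity check only; the DACL is evaluated separately. */
int write_passes_label(const struct label *obj, int caller_level)
{
    return caller_level >= obj->level || !obj->no_write_up;
}

int main(void)
{
    struct label l;
    if (parse_label("S:(ML;;NW;;;LW)", &l) != 0) return 1;  /* string from the question */
    printf("low writer: labeled=%d unlabeled=%d\n",
           write_passes_label(&l, IL_LOW), write_passes_label(&UNLABELED, IL_LOW));
    return 0;
}
```

Passing the label check does not by itself grant access: the object's DACL must still allow the write for the caller's token.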

All replies

  • It's possible that these calls are shimmed and redirected to other locations. Did you look for this file on the entire disk?

    Thursday, March 1, 2007 10:47 PM