From: Mark on
On 11 Feb, 17:57, "Maxim S. Shatskih" <ma...(a)storagecraft.com.no.spam>
wrote:
> > - will this work for non-plug and play devices ?
>
> Yes.
>
> > - Also, I assume my ACL should be on the device objects created by the
> > driver rather than the driver object itself  ??
>
> On device object.
>
> > - Should I put my ACL on all devices in the device stack to be safe ?
>
> No, only on named ones.
>
> > - Does the system actually enforce the checking of the ACL
>
> Yes it does. But note that in a devnode, the DO actually opened by name is the one used for checks - the actual bearer of the name.
>
> That's why MS suggests all DOs in the devnode to be nameless except the PDO with the autogenerated name and the symlinks referencing this name.
>
> Sometimes this is violated. On a CD/DVD stack, the PnP device interface name references the PDO created by the storage port, while \\.\E: references the FDO created by CdRom.sys. They have different ACLs.
>
> --
> Maxim S. Shatskih
> Windows DDK MVP
> ma...(a)storagecraft.com http://www.storagecraft.com

Many thanks Maxim ... greatly appreciate the help.