2MarcinW
I don't think that this is possible between two separate processes belonging to different users - or is it?
-Copy problem (permissions, network drive)
Moderators: Hacker, petermad, Stefan2, white
-
ghisler(Author)
- Site Admin
- Posts: 50541
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
I have no experience with this (so I wrote "probably"), but passing proper security attributes to CreateFileMapping (that allow both, and only these both, users to access the file mapping), calling DuplicateHandle and launching TCMADMIN should be enough.
There is also another possibility - instead of passing a handle of the mapping, the name of this mapping can be passed to TCMADMIN and opened by using OpenFileMapping. This name must be in the Global namespace, so this additionally requires "create global" privilege, and the name should be unique for TC instance and thread - for example: 'Global\TotalCommader'+IntToStr(GetCurrentThreadId)).
Some info here.
There is also another possibility - instead of passing a handle of the mapping, the name of this mapping can be passed to TCMADMIN and opened by using OpenFileMapping. This name must be in the Global namespace, so this additionally requires "create global" privilege, and the name should be unique for TC instance and thread - for example: 'Global\TotalCommader'+IntToStr(GetCurrentThreadId)).
Some info here.
-
ghisler(Author)
- Site Admin
- Posts: 50541
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Yes, this might indeed work - but not how you describe it - instead, tcmadmin would have to create the file mapping, and TC itself would have to copy the file because tcmadmin cannot see the network shares.
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
-
ghisler(Author)
- Site Admin
- Posts: 50541
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
TCMADMIN cannot open it because the entire network share is no accessible to it. That's why TC would have to open the file somehow.
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
Let's make a small summary:
- TC has access to the network drive, but not to the "Program Files",
- TCMADMIN has access to the "Program Files", but not to the network drive.
Approach 1 (TCMADMIN makes copying):
Copying a file from the network drive (let's assume it is "Z:\file.txt") to the "Program Files" could be like this:
1) TC creates a read-only file mapping (CreateFileMapping) for "Z:\file.txt", with permissions also for elevated TCMADMIN,
2) TC launches TCMADMIN and gives it a handle to the mapping by:
a) calling CreateProcess with bInheritHandles=True and the handle as a command line parameter
or
b) calling CreateProcess, calling DuplicateHandle and passing duplicated handle to TCMADMIN by using a pipe/mailslot/window message/etc.,
3) TCMADMIN calls MapViewOfFile, creates "Program Files\file.txt" and copies data from the mapping there, sending progress/error information to TC,
4) TCMADMIN calls UnmapViewOfFile, closes the mapping handle by calling CloseHandle (only if it has been duplicated) and finishes,
5) TC closes the mapping handle by calling CloseHandle.
Copying a file from the "Program Files" to the network drive could be like this:
1) as above, but the file mapping must be writable
2) as above,
3) TCMADMIN calls MapViewOfFile, opens "Program Files\file.txt" and writes its contents to the mapping, sending progress/error information to TC,
4) as above,
5) as above.
Approach 2 (probably better - TC makes copying):
Copying a file from the network drive to the "Program Files" could be like this:
1) TC launches TCMADMIN with a "Program Files\file.txt" name as a command line parameter,
2) TCMADMIN creates a writable file mapping (CreateFileMapping) for "Program Files:\file.txt", with permissions also for TC,
3) TCMADMIN duplicates the mapping handle by calling DuplicateHandle and closes its own handle,
4) TCMADMIN passes duplicated handle to TC and finishes (process return code can't be used, because it is 32-bit, and a handle can be 64-bit),
5) TC calls MapViewOfFile, opens "Z:\file.txt" and writes its contents to the mapping,
6) TC calls UnmapViewOfFile and closes the mapping handle by calling CloseHandle.
Copying a file from the "Program Files" to the network drive could be like this:
1) as above,
2) as above, but a read-only file mapping is sufficient,
3) as above,
4) as above,
5) TC calls MapViewOfFile, creates "Z:\file.txt" and copies data from the mapping there,
6) as above.
It is possible, that file mappings could be replaced with CreateFile + DuplicateHandle (DuplicateHandle must receive valid handle access permissions for the another process in this case - CreateFile gets only file access permissions, not the handle access permisions).
- TC has access to the network drive, but not to the "Program Files",
- TCMADMIN has access to the "Program Files", but not to the network drive.
Approach 1 (TCMADMIN makes copying):
Copying a file from the network drive (let's assume it is "Z:\file.txt") to the "Program Files" could be like this:
1) TC creates a read-only file mapping (CreateFileMapping) for "Z:\file.txt", with permissions also for elevated TCMADMIN,
2) TC launches TCMADMIN and gives it a handle to the mapping by:
a) calling CreateProcess with bInheritHandles=True and the handle as a command line parameter
or
b) calling CreateProcess, calling DuplicateHandle and passing duplicated handle to TCMADMIN by using a pipe/mailslot/window message/etc.,
3) TCMADMIN calls MapViewOfFile, creates "Program Files\file.txt" and copies data from the mapping there, sending progress/error information to TC,
4) TCMADMIN calls UnmapViewOfFile, closes the mapping handle by calling CloseHandle (only if it has been duplicated) and finishes,
5) TC closes the mapping handle by calling CloseHandle.
Copying a file from the "Program Files" to the network drive could be like this:
1) as above, but the file mapping must be writable
2) as above,
3) TCMADMIN calls MapViewOfFile, opens "Program Files\file.txt" and writes its contents to the mapping, sending progress/error information to TC,
4) as above,
5) as above.
Approach 2 (probably better - TC makes copying):
Copying a file from the network drive to the "Program Files" could be like this:
1) TC launches TCMADMIN with a "Program Files\file.txt" name as a command line parameter,
2) TCMADMIN creates a writable file mapping (CreateFileMapping) for "Program Files:\file.txt", with permissions also for TC,
3) TCMADMIN duplicates the mapping handle by calling DuplicateHandle and closes its own handle,
4) TCMADMIN passes duplicated handle to TC and finishes (process return code can't be used, because it is 32-bit, and a handle can be 64-bit),
5) TC calls MapViewOfFile, opens "Z:\file.txt" and writes its contents to the mapping,
6) TC calls UnmapViewOfFile and closes the mapping handle by calling CloseHandle.
Copying a file from the "Program Files" to the network drive could be like this:
1) as above,
2) as above, but a read-only file mapping is sufficient,
3) as above,
4) as above,
5) TC calls MapViewOfFile, creates "Z:\file.txt" and copies data from the mapping there,
6) as above.
It is possible, that file mappings could be replaced with CreateFile + DuplicateHandle (DuplicateHandle must receive valid handle access permissions for the another process in this case - CreateFile gets only file access permissions, not the handle access permisions).
I haven't tried this. But DuplicateHandle can make a duplicate for any process, not only child process - as I suppose, we have to only pass a valid handle of the destination process in hTargetProcessHandle, and valid access rights in dwDesiredAccess. So this should be possible.
Yes, you are right. It's just a choice between copying between memory and file or between two files. The second method is simpler (less API calls) and also probably more compatible with existing TC code (i.e. Settings -> advanced file copying methods). File mappings could be better only in case of _named_ mappings, and opening such a mapping in other process by mapping name.