?unable to search in accessible directory

MMx · Post by *MMx » 2014-02-28, 10:14 UTC

When I tried to do a file search in a git repository (created by cygwin git), I got an Access denied error. Investigating this I discovered that this is because TC opens the directory with Traverse folder permission. I understand that this might be useful if there's an inaccessible directory and another accessible one inside, but it actually causes problems when the user doesn't have traverse access to that directory (which is my case). Steps for replication are:
1. Create a directory anywhere
2. Right click, Properties, Security, Advanced, Change Permissions, Add..., for Everyone, Deny for Traverse, OK
3. Now you can freely browse the directory, write and read files, same for subdirectories, but starting a file search with that directory as Search for: path fails. Also searching with Windows Explorer works.
I've also noticed similar errors associated with that path, e.g. changing to it with the cd command gives Access denied (changing with enter works), starting an application from the toolbar without any Start path given (defaults to the current one) starts it in the .exe directory, not the currently opened one.

This behavior is the same in TC 6.56 and TC 8.50 64bit.

Post by *ghisler(Author) » 2014-02-28, 17:19 UTC

TC uses just normal FindFirstFileEx, nothing special. What do you mean with "traverse folder permission"?

Here is the exact call (Delphi):

FindFirstFileExW(path,
0{FindExInfoStandard},
finddataW,
0{FindExSearchNameMatch},
nil,
2*booltoint(not is_linux){FIND_FIRST_EX_LARGE_FETCH});

MMx · Post by *MMx » 2014-03-04, 15:04 UTC

The call that fails is CreateFile, which happens before FindFirstFileExW. You can find the documentation of that permission here: http://msdn.microsoft.com/en-us/library/windows/desktop/gg258116%28v=vs.85%29.aspx#file_traverse
These are the relevant procmon events

Code: Select all

"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"15:53:32.2615471","TOTALCMD64.EXE","2708","CreateFile","C:\a","ACCESS DENIED","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
"15:53:32.2617119","TOTALCMD64.EXE","2708","CreateFile","C:\a","IS DIRECTORY","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
"15:53:32.2618085","TOTALCMD64.EXE","2708","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"15:53:32.2618498","TOTALCMD64.EXE","2708","QueryDirectory","C:\a","SUCCESS","Filter: a, 1: a"
"15:53:32.2618912","TOTALCMD64.EXE","2708","CloseFile","C:\","SUCCESS",""

sky66 · Post by *sky66 » 2014-03-04, 15:12 UTC

Please refer to Microsoft website.
http://support.microsoft.com/kb/277867/en-us
for the "traverse folder" permission information:
---Traverse Folder allows or denies moving through folders to reach other files or folders, even if the user has no permissions for the traversed folders (applies to folders only). Traverse Folder takes effect only when the group or user is not granted the Bypass Traverse Checking user right in the Group Policy snap-in. (By default, the Everyone group is given the Bypass Traverse Checking user right.)---

Although it is rare to use and difficult to understand.
I still tried to set a directory "traverse folder" permission to denies.
The results as MMX mentioned, Windows Explorer works.
But TC 8.51b 64/32bit no files found in the "traverse folder:denies" directory.

And I also tried to use IrfanView Thumbnails 'Search file' function.
It can found the file in the "traverse folder:denies" directory.

Post by *ghisler(Author) » 2014-03-05, 14:53 UTC

CreateFile? There is no CreateFile to get a directory list, just a FindFirstFile or FindFirstFileEx...

MMx · Post by *MMx » 2014-03-06, 13:20 UTC

Looks like CreateFile is called internally by FindFirstFile, but the actual Windows API function FindFirstFile calls it with a different desired access parameter:

Code: Select all

"14:12:32.6186940","FindFirstFile.exe","4364","CreateFile","D:\adresar","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"

Is it possible to call directly Windows API from Delphi, bypassing the runtime?

MVV · Post by *MVV » 2014-03-06, 13:22 UTC

MMx,
Christian already calls Windows API directly (FindFirstFile[Ex]), but these functions doesn't allow setting parameters for inner API calls.

Post by *ghisler(Author) » 2014-03-06, 15:24 UTC

Yes, TC now calls FindFirstFileEx for larger buffer size - this is necessary for two reasons:
1. Increased speed
2. Incomplete directory listings are returned by the SMB server on MacOS when using FindFirstFile, but it's OK with FindFirstFileEx and larger buffer size