Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to disable VirtualStore for C++ programs?

I'd like my program to throw an error when it tries to create files in protected locations like the root of the C:\ drive (eg: FILE* FileHandle = fopen("\\file.txt", a)). Instead the file gets created in the Virtual Store under %APPDATA%.

How can I disable that Virtual Store?

Thanks

EDIT: Just to be clear, I'm not asking how to circumvent the security and create my file in a protected location. I want the file creation to FAIL so that I can tell the user he was an idiot.

like image 298
Zain Rizvi Avatar asked Jan 18 '11 23:01

Zain Rizvi


2 Answers

You add an application manifest. Choose asInvoker, highestAvailable, or requireAdministrator. It sounds like you want asInvoker.

From http://msdn.microsoft.com/en-us/library/bb756929.aspx:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 
  <assemblyIdentity version="1.0.0.0"
     processorArchitecture="X86"
     name="IsUserAdmin"
     type="win32"/> 
  <description>Description of your application</description> 
  <!-- Identify the application security requirements. -->
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel
          level="asInvoker"
          uiAccess="false"/>
        </requestedPrivileges>
       </security>
  </trustInfo>
</assembly>
like image 58
Joshua Avatar answered Sep 24 '22 02:09

Joshua


From MSDN:

Virtualization is only enabled for:

  • 32 bit interactive processes
  • Administrator writeable file/folder and registry keys

Virtualization is disabled for:

  • 64 bit processes
  • Non-interactive processes
  • Processes that impersonate
  • Kernel mode callers
  • Executables that have a requestedExecutionLevel

Your best bet, as Adam Maras noted, is to set a requestedExecutionLevel on your application by adding a manifest. A requestedExecutionLevel of "asInvoker" will cause file operations to fail on protected locations, rather than redirecting to the virtual store or prompting for elevation.

like image 44
Jon Avatar answered Sep 20 '22 02:09

Jon