The Windows Disk Management 4

 

 

 

 

 

Detecting the Type of Disk

 

There is no specific function to programmatically detect the type of disk a particular file or directory is located on. There is an indirect method. First, call GetVolumePathName(). Then, call CreateFile() to open the volume using the path. Next, use IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS with the volume handle to obtain the disk number and use the disk number to construct the disk path, such as "\\?\PhysicalDriveX". Finally, use IOCTL_DISK_GET_DRIVE_LAYOUT_EX to obtain the partition list, and check the PartitionType for each entry in the partition list.

 

Defining an MS-DOS Device Name

 

An MS-DOS device name is a junction that points to the path of an MS-DOS device. These junctions comprise the MS-DOS device namespace. Call the DefineDosDevice() and SetVolumeMountPoint() functions to create and modify these junctions. DeleteVolumeMountPoint() deletes a junction created by SetVolumeMountPoint(), and DefineDosDevice() deletes junctions it creates. After an MS-DOS device name is defined, it remains visible to all processes. Before Windows 2000 Professional with Service Pack 2 (SP2), a device name remained globally visible until either explicitly removed or the system restarted. Security issues made changes to this policy necessary in later versions of Windows.

Starting with Windows 2000 Professional with SP2, when a user that is logged in through an interactive console session (that is, by running a console application on a local machine), any drive letters defined by running a program that calls DefineDosDevice() are deleted when the interactive console user logs out. Also, a security policy is implemented regulating the circumstances under which drive letters can be deleted. This deletion policy is defined as follows:

 

  1. If the user attempting the deletion is logged in as an Administrator, or another account that belongs to the Administrator group, the user can delete any drive letter.
  2. If the user attempting the deletion is not logged in as an Administrator, and is logged in though the interactive console session, the user can delete any drive letter except those created by other users logged in as Administrators through logon sessions that are not the interactive console session, such as background scheduled tasks or during system startup.
  3. If the user attempting the deletion is not logged in as an Administrator, and is logged in though a logon session that is not the interactive console session, the user can delete only the drive letters that he or she has created during the session.

 

This security fix does not affect Terminal Services sessions, because each Terminal Services session defines its own MS-DOS Device namespace. In Windows 2000 Professional with Service Pack 2 (SP2) and earlier, calls to QueryDosDevice() return all MS-DOS devices that have been defined on the local machine. In Windows XP, the policy changes defined in Windows 2000 Professional with SP2 were removed and replaced with an architecture based on the following:

  1. All MS-DOS devices are identified by Windows through an authentication ID. An authentication ID is the LUID (locally unique identifier) associated with each logon session when created.

  2. The visibility of an MS-DOS device name is categorized as either global or local, and is defined as such by its inclusion in the Global MS-DOS Device and Local MS-DOS Device namespaces. The contents of MS-DOS devices in the Global namespace can be accessed by all users, and the contents of MS-DOS devices in the Local namespace can be accessed only by the user whose access token contains the AuthenticationID associated with that Local MS-DOS device namespace.

 

Multiple Local MS-DOS Device namespaces and only one Global MS-DOS Device namespace may exist at one time and on one machine. Note that only processes running in the LocalSystem context can call DefineDosDevice() to create an MS-DOS device in the Global MS-DOS device namespace. Also, the Local MS-DOS device namespace corresponding to a specific AuthenticationID is deleted when the last reference to that AuthenticationID is removed.

When your code queries an existing MS-DOS device name by calling QueryDosDevice(), it first searches the Local MS-DOS Device namespace. If it is not found there, the function will then search the Global MS-DOS Device namespace. When your code queries all existing MS-DOS device names through this function, the list of names that are returned is dependent on whether it is running in the LocalSystem context. If so, only the MS-DOS device names included in the Global MS-DOS Device namespace will be returned. If not, a concatenation of the device names in the Global and Local MS-DOS Device namespaces will be returned. If a device name exists in both namespaces, QueryDosDevice() will return the entry in the Local MS-DOS Device namespace. This also applies to the list of all MS-DOS device names returned by GetLogicalDrives() and GetLogicalDriveStrings(). Note that the following scenario may occur:

 

  1. User A, who is not running within the LocalSystem context, creates a device name in the corresponding Local MS-DOS Device namespace, and that device name does not exist in the Global MS-DOS Device namespace.
  2. User B, who is running within the LocalSystem context, creates the same device name in the Global MS-DOS Device namespace.

 

In this scenario, User A will not have access to the device name in the Global MS-DOS Device namespace until he or she removes or renames the device name in his or her Local MS-DOS Device namespace. To reduce the likelihood of this scenario occurring, MS-DOS drive letters should be allocated in the Global MS-DOS Device namespace starting with C: and ending with Z:. This sequence should be reversed for the allocation of MS-DOS drive letters in the Local MS-DOS Device namespace. If you are not running within the LocalSystem context, DefineDosDevice() will not allow you to define a device name in the Local MS-DOS Device namespace if that device name already exists in your Local or Global MS-DOS Device namespaces. Call QueryDosDevice() before calling DefineDosDevice() to determine whether the device name you intend to define exists in your MS-DOS Device namespaces.

 

 

 

 

< Windows Disk 4 | Win32 Programming Index Page | Windows Disk Index | Windows Disk 5 >