Hardware Reference
API function         UNIX      Meaning
CreateDirectory      mkdir     Create a new directory
RemoveDirectory      rmdir     Remove an empty directory
FindFirstFile        opendir   Initialize to start reading the entries in a directory
FindNextFile         readdir   Read the next directory entry
MoveFile                       Move a file from one directory to another
SetCurrentDirectory  chdir     Change the current working directory
Figure 6-41. The principal Win32 API functions for directory management. The
second column gives the nearest UNIX equivalent, when one exists.
following brief description gives the general idea. When a user logs in, his or her
initial process is given an access token by the operating system. The access token
contains the user's SID (Security ID), a list of the security groups to which the
user belongs, any special privileges available, the integrity level of the process, and
a few other items. The point of the access token is to concentrate all the security
information in one easy-to-find place. All processes created by this process inherit
the same access token.
One of the parameters that can be supplied when any object is created is its
security descriptor. The security descriptor contains a list of entries called an
ACL (Access Control List). Each entry permits or prohibits some set of the
operations on the object by some SID or group. For example, a file could have a
security descriptor specifying that Elinor has no access to the file at all, Ken can read
the file, Linda can read or write the file, and all members of the XYZ group can
read the file's length but nothing else. Defaults can also be set up to deny access to
anyone not explicitly listed.
When a process tries to perform some operation on an object using a handle,
the security manager gets the process' access token and first checks the integrity
level in the object's security descriptor against the integrity level in the token. A
process cannot obtain a handle with write permission for any object with a higher
integrity level. Integrity levels are primarily used to restrict what code loaded by
Web browsers can do to modify the system. After the integrity-level check, the
security manager goes down the list of entries in the ACL in order. As soon as it
finds an entry that matches the caller's SID or one of the caller's groups, the
access found there is taken as definitive. For this reason, it is usual to put entries
denying access ahead of entries granting access in the ACL, so that a user who is
specifically denied access cannot get in via a back door by being a member of a
group that has legitimate access. The security descriptor also contains information
used for auditing accesses to the object.
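The check described above, as an added example (a simplified model written for this page, not Windows code). It uses the Elinor/Ken/Linda/XYZ file from the text; the class names, rights strings, integrity values and Elinor's membership in XYZ are assumptions made for illustration.

```python
# Simplified model of the access check as the text describes it.
# All names and values here are constructed for illustration.
from dataclasses import dataclass

LOW, MEDIUM = 1, 2                      # constructed integrity levels

@dataclass(frozen=True)
class Token:                            # per-process access token
    sid: str
    groups: frozenset
    integrity: int

@dataclass(frozen=True)
class Entry:                            # one ACL entry
    trustee: str                        # a user SID or a group name
    rights: frozenset                   # operations permitted; empty = no access

@dataclass(frozen=True)
class Descriptor:                       # security descriptor of an object
    integrity: int
    acl: tuple                          # ordered: the order is significant

def access_check(token, obj, right):
    # Step 1: no write handle to an object with a higher integrity level.
    if right == "write" and obj.integrity > token.integrity:
        return False
    # Step 2: walk the ACL in order; the first entry matching the caller's
    # SID or one of the caller's groups is taken as definitive.
    for entry in obj.acl:
        if entry.trustee == token.sid or entry.trustee in token.groups:
            return right in entry.rights
    return False                        # default: deny anyone not listed

ELINOR = Entry("Elinor", frozenset())                   # no access at all
KEN = Entry("Ken", frozenset({"read"}))
LINDA = Entry("Linda", frozenset({"read", "write"}))
XYZ = Entry("XYZ", frozenset({"read_length"}))          # group entry

deny_first = Descriptor(MEDIUM, (ELINOR, KEN, LINDA, XYZ))
group_first = Descriptor(MEDIUM, (XYZ, ELINOR, KEN, LINDA))   # misordered

elinor = Token("Elinor", frozenset({"XYZ"}), MEDIUM)    # assumed XYZ member
linda = Token("Linda", frozenset(), MEDIUM)
linda_low = Token("Linda", frozenset(), LOW)            # low-integrity process

if __name__ == "__main__":
    for name, obj in (("deny_first", deny_first), ("group_first", group_first)):
        print(name, "Elinor read_length:", access_check(elinor, obj, "read_length"))
    print("Linda write (medium):", access_check(linda, deny_first, "write"))
    print("Linda write (low):", access_check(linda_low, deny_first, "write"))
```

With the group entry listed first, Elinor's explicit denial is never reached and she reads the file's length through XYZ; the low-integrity process is refused write access before the ACL is consulted at all.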
Let us now take a quick look at how files and directories are implemented in
Windows 7. Each disk is statically divided up into self-contained volumes, which
are the same as disk partitions in UNIX. Each volume contains bit maps, files,
 