1

I want to read exclusive-opened files on Windows on a user-specified volume.

The established way to do this is to take a VSS snapshot.

Taking a VSS snapshot generally requires administrative permissions, so my application is split into an unelevated component and a SYSTEM service. Right now, the SYSTEM service initiates the snapshot and reads its files.

So far so good - as long as the files are accessible by both the SYSTEM user and the unelevated regular user. But of course, this is different user can have different mount paths, different network shares, different file authentication, and possibly even different Bitlocker access. My approach stops working as soon as a mounted network path is selected.

How can i take a VSS snapshot, having access to all the unelevated user's file paths?

mappu
  • 329
  • 2
  • 16
  • You can't snapshot content that is on the network. You'd have to run your code on the remote machine. As for Bitlocker, I don't know, but try having the user process read the files from the snapshot. – Harry Johnston Jul 13 '16 at 21:34
  • @HarryJohnston "You can't snapshot content that is on the network." - are you sure? Wikipedia says you can, and goes into some detail about it. – mappu Jul 14 '16 at 22:29
  • Reasonably sure. Can you provide a reference? – Harry Johnston Jul 14 '16 at 22:32
  • The Wikipedia article seems to be talking about snapshots that the server creates, [typically to a schedule](https://technet.microsoft.com/en-us/library/cc771893(v=ws.11).aspx). You can access the snapshots from the clients, but I don't think the clients can create them without admin privilege on the server. (And of course it has to be a Windows server, though I don't suppose there's anything stopping third-party servers from providing equivalent functionality.) – Harry Johnston Jul 14 '16 at 22:35

0 Answers0