Setting the FILE_DEVICE_SECURE_OPEN device characteristic directs the I/O Manager to apply the security descriptor of the device object to all open requests, including file-open requests into the device's namespace. Essentially, the I/O Manager performs access checks and fails requests that don't have the privileges you established for the device object. FILE_DEVICE_SECURE_OPEN is supported on Microsoft® Windows NT® 4.0 Service Pack 5 and later versions of Windows.

A client usually opens a driver's named device objects ("\Device\MyDevice") in order to access the device. However, a client can also attempt to open files on a device by appending a file path to the device object name ("\Device\MyDevice\Some\Arbitrary\Path\To\A\File"). When this happens, the file object has a FileName equal to the trailing portion of the name ("\Some\Arbitrary\Path\To\A\File"). Unless the device driver watches for this case and either fails the create request or applies a security check, this can create a security hole in the system, because an unprivileged user could bypass security and obtain handles with read and write access simply by opening a file in the device's namespace.

Almost all drivers that create device objects should set FILE_DEVICE_SECURE_OPEN when the device object is created. The only drivers that shouldn't are those that implement their own security checking, such as file systems.

Is This Newsletter Useful?

If so, forward it to your colleagues and friends who are developers, engineers, or testers working on the Windows hardware platform.

If you received this from a friend, information about how to subscribe yourself is available at http://www.microsoft.com/whdc/newsreq.mspx.

Want to help shape the direction of the WHDC Web site and newsletters? Tell us what works and what doesn't.

DDK MVP Highlight

Reflections on Windows System Programming
Read about Windows kernel-mode development in a Web log from Steve Dispensa, MVP for the Windows DDK.

Kernel Mustard

News for Kernel-Mode Developers

Kernel Patching Policy for Windows Servers 2003 SP1 and Beyond
Kernel-mode drivers that extend or replace kernel services through undocumented means (such as hooking the system service tables) can interfere with other software and affect the stability of the operating system. For x86-based systems, Microsoft discourages such practices but does not prevent them programmatically. Beginning with Windows Server 2003 Service Pack 1 (SP1), the operating system will not allow the kernel to be patched for x64-based systems, except through authorized hot patches.

Drivers for x64-based systems must avoid the following practices:

WinHEC and Driver DevCon

WinHEC U.S. 2005: April 25-27, 2005
Washington State Convention and Trade Center, Seattle
This PC industry event focuses on engineering advances to the Windows hardware platform and technical and business opportunities planned for future client and server versions of Windows operating systems. This is a public event, advancing the WinHEC experience as you have known it for over a decade. WinHEC provides the opportunity for engineers, designers, and business decision makers to come together and discuss new technical issues, new user scenarios and business strategies for the PC hardware platform. WinHEC will not include a driver-specific session track.

Driver DevCon 2005: April 25-28, 2005
Seattle Sheraton
This is an NDA-only event, the second in the series that began in November 2003. This event is targeted solely for experienced driver developers and testers who want more tools and information to advance their capabilities for creating high-quality drivers for current and future Windows platforms. Once again, Driver DevCon will offer the opportunity to work closely on technical issues with the experts from the Windows development teams, as well as the chance to offer feedback on driver design issues for future versions of Windows.

As you know from recent Microsoft announcements about Windows Code Name "Longhorn," spring 2005 will be an extremely busy time for Windows development teams. Because the success of both of these events relies on the committed participation of experts from the Windows teams, we are focusing their effort and availability by delivering both events the same week, here in Seattle.

WinHEC Taipei 2005: May 17-18, 2005
Taipei International Convention Center
WinHEC Taipei will feature a combination of non-NDA hardware platform and driver developer information from both U.S. events to our Asia community.

We encourage your feedback as we plan the agenda, keynotes, session tracks, and so on. Please send your comments to hwevents@microsoft.com.

Event Tips: Event registration begins in early 2005 for both WinHEC and Driver DevCon.

Partner participation information for both of these events will be available in November 2004. To receive information when it comes available, please send e-mail to pavilion@microsoft.com.

Device-Class Tips & News

Preview Mobile IPv6
RFC 3775 defines Mobile Internet Protocol version 6 (IPv6). Microsoft provides a technical paper describing the technology and Mobile IPv6 support in Microsoft Windows. This article also provides a link for requesting the Mobile IPv6 Technology Preview developed by Microsoft Research.

Introduction to Mobile IPv6

Microsoft IPv6 Web site

Windows Networking and Windows XP SP2
The Cable Guy on TechNet provides insight into new features and enhancements in Windows XP Service Pack 2.

New Networking Features in Windows XP SP2

Wireless LAN Enhancements in Windows XP SP2

Universal Audio Architecture - State of the Union
Check the latest Microsoft UAA Initiative whitepapers and presentations on the WHDC Web for roadmaps and technical implementation guidelines.

Audio Device Technologies for Windows

More Device Fundamentals - Overview...

Tips and Directions for Testing

Ready to Test for Windows Server 2003 SP1?
Windows Hardware Compatibility Testing (HCT) 12.0 testing is required beginning November 1 for Windows XP. HCT 12.1 will be required after the release of Windows Server SP1. To understand what these HCTs test for in detail, review the assertions and other details in the WHQL Test Specification.

Tip: Early use of the HCT in your test processes ensures early detection of test failures that could prevent your driver from earning the "Designed for Windows" logo.

Download the Current WHQL Test Specification

Got the Windows XP SP2 Checked Build?
The Checked Build is a compiled set of files that include debugging information, providing administrators with specific details about program functioning.

Download the SP2 Checked Build

Download the Platform SDK

More Tools for Testing and Tuning: Overview...

Kits, Tools, and Services

Quick FAQ: About the IFS Kit
The primary goal of the Microsoft Windows Installable File System (IFS) Kit is to provide all of the materials necessary to design, build, and debug file systems and file system filter drivers for Windows 2000 and later operating systems.

Find out what's in the IFS Kit, with links to key resources.

Windows Server 2003 x64 Beta Customer Preview Program
Sign up now to receive trial software for Windows Server 2003 Enterprise x64 Edition. Read about the Customer Preview Program (CPP) and the different options for obtaining the pre-release software.

Download the Beta Preview

Security and Reliability

Don't Change Anything in HKLM or %PROGRAMFILES%
Far too many programs assume unrestricted access to the HKEY_LOCAL_MACHINE section of the registry and the %PROGRAMFILES% folder on %SYSTEMDRIVE%. Both are read-only for normal users. Don't change anything there except at installation time. It's reasonably safe to assume a user has access to the %USERPROFILE% folder. Use the %TEMP% folder for temporary data files. Use %APPDATA% for storing application-specific data per user. Consider storing data under the user's My Documents folder. For registry settings, use HKEY_CURRENT_USER.

Top Ten Tips for Secure Testing

Install Critical Updates for Windows and Office

Microsoft Security Developer Center on MSDN

More Driver Security and Reliability...