Using FileStream from Restricted User Accounts [Josh Free]

Every so often, I run into code that requests security permissions that are not needed.  Take the following code snippet as an example: 

// open the file for reading
FileStream fs1 = new FileStream(@"C:\Program Files\SomeFile.bin",
                                FileMode.Open);

From the code comment, the developer is using the FileStream object to read the file.  However, the FileStream constructor they used defaults to FileAccess.ReadWrite – giving the code read and write access to the file even though it only reads.

The developer should have written their code to request only read access:

// open the file for reading
FileStream fs1 = new FileStream(@"C:\Program Files\SomeFile.bin",
                                FileMode.Open, FileAccess.Read);

Many of you may be thinking “so what?” – after all, on Windows XP (and earlier operating systems) most users run as Administrators or Power Users.  Since Administrators have unrestricted access to all files on the computer, this code is unlikely to fail for them.

If you are not familiar with the terms “Administrator”, “Power User”, and “Restricted User” you may want to look at the User Accounts Control Panel in Windows, which describes them as follows:

  • Administrators – have complete and unrestricted access to the computer/domain.
  • Standard user (Power Users Group) – can change many system settings and install programs that don’t affect Windows system files.
  • Restricted user (Users Group) – can operate the computer and save documents, but cannot install programs or change system settings.

 

As you can see from the definitions above, security-minded users are able to run programs under Restricted user accounts.  When one of these users runs your program, a request for write access to a file they may only read will fail, and they may end up seeing an unhandled System.UnauthorizedAccessException!

 

To avoid this bad customer experience for Restricted user accounts you should:

  1. Only request the minimum permissions that your application needs to run.
  2. Verify that your application runs correctly from a Restricted user account.
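The following is an added example (not code from the original post) that makes the difference between the two constructors observable without switching to a Restricted user account: a constructed sample file is marked read-only, so the default (ReadWrite) open is denied just as it would be for a user who lacks write permission, while the FileAccess.Read open succeeds. The helper name TryOpen and the sample file name are my own.

```csharp
using System;
using System.IO;
// Added example: FileStream(path, FileMode.Open) asks for ReadWrite;
// FileStream(path, FileMode.Open, FileAccess.Read) asks only for Read.
// A read-only file stands in for a file the current user cannot write.
class LeastPrivilegeFileOpen
{
    // Hypothetical helper: true if the open succeeded, false if access was denied.
    static bool TryOpen(string path, FileAccess? access)
    {
        string label = access.HasValue ? access.Value.ToString() : "default (ReadWrite)";
        try
        {
            using (FileStream fs = access.HasValue
                ? new FileStream(path, FileMode.Open, access.Value)
                : new FileStream(path, FileMode.Open))   // no FileAccess given => ReadWrite
            {
                Console.WriteLine($"  {label}: opened, CanRead={fs.CanRead}, CanWrite={fs.CanWrite}");
                return true;
            }
        }
        catch (UnauthorizedAccessException ex)
        {
            Console.WriteLine($"  {label}: denied ({ex.Message})");
            return false;
        }
    }
    static void Main()
    {
        // Constructed sample file (placeholder name) in the temp directory, marked read-only.
        string path = Path.Combine(Path.GetTempPath(), "SomeFile-sample.bin");
        File.WriteAllBytes(path, new byte[] { 0x01, 0x02, 0x03, 0x04 });
        File.SetAttributes(path, FileAttributes.ReadOnly);
        try
        {
            Console.WriteLine("Opening a read-only file:");
            bool defaultOpen = TryOpen(path, null);           // expected: denied
            bool readOpen = TryOpen(path, FileAccess.Read);   // expected: opened
            Console.WriteLine(!defaultOpen && readOpen
                ? "Requesting only FileAccess.Read avoided the UnauthorizedAccessException."
                : "Unexpected result; check the file's permissions.");
        }
        finally
        {
            File.SetAttributes(path, FileAttributes.Normal);  // clear read-only so it can be deleted
            File.Delete(path);
        }
    }
}
```

Running the program as a Restricted user against a file in a protected location such as C:\Program Files shows the same two outcomes, with the denial coming from the file's ACL rather than the read-only attribute.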

 

  • This is perhaps more common when using the registry. Requesting read write access will fail for a large sections of the tree for a normal user account.
  • So in hindsight, should the default FileAccess have been Read instead of ReadWrite? I personally think so . . .
  • Amen to testing with a restricted user account. Our entire network is locked down so most users only run this way. This INCLUDES me – even when I’m developing. It is possible to work this way, and ALL developers should be familiar with it. I have access to an unrestricted account when needed so I can still accomplish anything I need to. Bottom line is, if every developer worked this way, they would develop much more robust programs, and have a better understanding of security. Not to mention that with Windows Vista coming out, these kinds of programs will give a security warning that states that the program needs more privileges to run (at least as I understand it), even for a default install.

    I can't tell you the number of times I've banged my head in frustration when installing an application that doesn't work with a restricted user account and requires changes to directory or registry security to work. This isn't limited to small developers or cheap software. Autodesk has this problem with MANY of their programs. For the money you pay, that is just ridiculous.