Re: ls/stat on OneDrive causes download of files

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: Jeffrey Altman <jaltman@secure-endpoints.com>
Cc: cygwin@cygwin.com
Subject: Re: ls/stat on OneDrive causes download of files
Date: Thu, 7 Mar 2024 10:06:51 +0100	[thread overview]
Message-ID: <ZemDq4Qa7NLUJYWj@calimero.vinschen.de> (raw)
In-Reply-To: <7d9fe460-5704-424b-a89b-e34ef2176d38@secure-endpoints.com>

Hi Jeffrey,


apart from the attribute stuff...


On Mar  6 13:55, Jeffrey Altman via Cygwin wrote:
> The default ProcessPlaceholderCompaibilityMode is PHCM_EXPOSE_PLACEHOLDERS
> which makes the FILE_ATTRIBUTE flags and reparse tags visible. Microsoft
> maintains a database of processes for which PHCM_DISGUISE_PLACEHOLDER is set
> which hides that information. Its unclear to me that explicitly setting the
> placeholder compatibility mode is useful.

What I see as a problem here is this:

https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-rtlsetprocessplaceholdercompatibilitymode

Quote:

  "Most Windows applications see exposed placeholders by default. For
   ^^^^
   compatibility reasons, Windows may decide that certain applications
                          ^^^^^^^^^^^^^^^^^^
   see disguised placeholders by default."

But then again, in other news from Microsoft:

https://learn.microsoft.com/en-us/windows/win32/cfapi/build-a-cloud-file-sync-engine#compatibility-with-applications-that-use-reparse-points

Quote:

  "[...] the cloud files API always hides its reparse points from all
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   applications except for sync engines and processes whose main image
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   resides under %systemroot%. Applications that understand reparse
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^
   points correctly can force the platform to expose cloud files API
   reparse points using RtlSetProcessPlaceholderCompatibilityMode or
   RtlSetThreadProcessPlaceholderCompatibilityMode.

Considering these two statements, it's totally unclear to a process, if
it just defaults to "exposed" or "disguised".

Fortunately we can ask Windows by calling the
RtlQueryProcessPlaceholderCompatibilityMode() function, right?

Lets have a look into the documentation at
https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-rtlqueryprocessplaceholdercompatibilitymode

Quote:

  "Return value

  This function returns the process's placeholder compatibily mode
  (PHCM_xxx), or a negative value on error (PCHM_ERROR_xxx). Contains
  one of the following values:

  Compatibility Mode           Value
  PHCM_APPLICATION_DEFAULT       0
  PHCM_DISGUISE_PLACEHOLDER      1
  PHCM_EXPOSE_PLACEHOLDERS       2
  PHCM_MAX                       2
  PHCM_ERROR_INVALID_PARAMETER  -1
  PHCM_ERROR_NO_TEB             -2"

So I called the function right at the start of the Cygwin DLL, and it
returns the value 0, i. e., PHCM_APPLICATION_DEFAULT.

At this point the process *still* has no idea if placeholders are
exposed or disguised.  What a great API! \o/

So, from the above, and if we really want to be sure that placeholders
will be exposed, I don't see any way around calling
RtlSetProcessPlaceholderCompatibilityMode(PHCM_EXPOSE_PLACEHOLDERS)
explicitely at DLL startup.

What do you think?


Thanks,
Corinna

next prev parent reply	other threads:[~2024-03-07  9:06 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-03-06  0:54 Marcin Wisnicki
2024-03-06 13:22 ` Corinna Vinschen
2024-03-06 13:28   ` Corinna Vinschen
2024-03-06 13:54     ` Brian Inglis
2024-03-06 17:19       ` Corinna Vinschen
2024-03-06 18:55         ` Jeffrey Altman
2024-03-06 19:14           ` Corinna Vinschen
2024-03-07  9:06           ` Corinna Vinschen [this message]
2024-03-08 10:37           ` Corinna Vinschen
2024-03-08 12:52             ` Thomas Wolff
2024-03-08 13:15               ` Jeffrey Altman
2024-03-08 13:56                 ` Corinna Vinschen
2024-03-08 22:21                   ` Corinna Vinschen
2024-03-08 22:26                     ` Marcin Wisnicki
2024-03-09 20:29                       ` Marcin Wisnicki
2024-03-11 17:04                         ` Corinna Vinschen
2024-03-06 19:00         ` Corinna Vinschen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZemDq4Qa7NLUJYWj@calimero.vinschen.de \
    --to=corinna-cygwin@cygwin.com \
    --cc=cygwin@cygwin.com \
    --cc=jaltman@secure-endpoints.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).