Developer mode for symbolic links #308
Conversation
schinagl
force-pushed
the
symbolic_link_with_developer_mode
branch
from
f78886a to
d94bc2f
Compare
MKDir creates the symbolic links itself if in developer mode Adapted DecodeReparsePoint a little * to suit it for \??\ prefix * remove unused second parameter * for client coding Symbolic Link directories are copied in developer mode properly Symbolic Link files are copied in developer mode properly
schinagl
force-pushed
the
symbolic_link_with_developer_mode
branch
from
d94bc2f to
f20b850
Compare
|
Maybe my description above was too long or confusing, but basically this is a bug fix: So maybe @malxau you can give it a look/try? It would bring us forward... :-) |
|
@schinagl, I must be dense. What do you mean by "developer mode"? |
ProblemThe privilege to create Symbolic Links (SeCreateSymbolicLink) is normally only held by administrators. So there are two ways out of thisa) Enable 'developer mode': https://www.howtogeek.com/292914/what-is-developer-mode-in-windows-10/ With a) or b) enabled a normal user can create Symbolic Links What is the point of this fix
Basically we do similar things for CreateDirectoryEx() and also here provide a fallback to create symbolic links if 'developer mode' is on |
|
thanks! Which version of Windows introduced CopyFileEx? |
|
Windows XP/Windows Server 2003 |
|
Added Review fiindings |
|
When I run the test bat file and follow the ctrl+drag instructions above, the copied symlink 'iLib_symlink' icon starts out plain in the left pane of the window"
When I refresh by expand/collapse 'sl', the icon is correct. Separately, how do I test the case of WFCopyIfSymlink in lfn.c? The above case doesn't trigger it. Another case I don't understand: if I create a directory '2' next to '1' and ctrl+drag 'iLib_symlink' to '2', I get a "Confirm File Replace" dialog box. Why is that? |
|
A few good questions, lets start with How do I test the case of WFCopyIfSymlink in lfn.c? ✔️
and copy the given tree from sl/ to 1/ as described above Then it looks like this It is important, that your Winfile, does not hold SeCreateSymbolicLinkPrivilege. (Use procexp.exe!) You must not see it in the list of privileges. If you see it and it is 'Disabled' then you hold the privilege and it can not be reproduced. When I refresh by expand/collapse 'sl', the icon is correct. ✔️Can reproduce. It is a refresh problem. Attributes are fed correctly in WFFind(First|Next) If I create a directory '2' next to '1' and ctrl+drag 'iLib_symlink' to '2 ✔️Can reproduce. I know the reason, and basically this PR is only the messenger, but this problem was always there. Anyhow, I hope I can find a solution for this. In general sorry for the inconvenience. Will do by best to get it fixed |
|
Fixed 'If I create a directory '2' next to '1' and ctrl+drag 'iLib_symlink' to '2' |
|
Fixed 'When I refresh by expand/collapse 'sl', the icon is correct.' |
|
The issues are fixed; thanks! I do have one concern about a code change; see the new comment. |
Problem
Winfile fails on copying Symbolic Links in developer mode
How to test
Download ln.exe from https://schinagl.priv.at/nt/ln/ln64.zip and place it in the same directory as the below .bat file.
Start TestCopyReparsePoint.bat from an administrative command prompt in your e.g. temp directory. Make sure you are in developer mode and do not have SE_CREATE_SYMBOLICLINK assigned to the active user.
It builds a structure like
Navigate to x:\sl in Winfile and copy it e.g. via Drag and CTRL to x:\1. You will receive no errors opposite to the original version, which fails on symbolic link creation of x:\sl\iLib_symlink.
Comments on the code
WFCopy() and MKDir() check the return code of its respective operation and if it was ERROR_PRIVILEGE_NOT_HELD, it creates the symbolic link itself.
This has the drawback, that alternative data streams and EA records are not copied.
ACLs are not copied, but this also applies for the CreateDirectoryEx()/CopyFile() case, so ACLs are fine, I think.
Junctions work anyhow fine.
Making this whole EA record and alternative streams copy work is quite some work, I already did it for LinkShellExentsion, so I could contribute the coding, but it is a few hundred lines of code. This then also handles weird cases like sparse alternative streams, EA records, compressed and encrypted files, but I guess we are overshooting here.
I much more hope, that a future version of CreateDirectoryEx() and CopyFileEx() in e.g. Win11 support developer mode, so that this problem is then solved.
In general this implements the simplest of all Reparse Point copy strategies, which I called the 'Splice' method. See also the explanation of Splice in the LinkShellExtension Docu.
Winfile does the 'Splice' pattern also for inner and outer reparse points. So this will only work for absolute symbolic links. Relative symbolic links will be copied but point to 'something'. This can not be solved with this PR for Winfile, because it needs more sophisticated symlink resolving.
Maybe in a later PR we could adress relative symbolic links.
In the course of action DecodeReparsepoint() was adapted a little, because the second argument was never used, and in my opinion one should pass a path to a reparse point and not path\*.* as the first argument
So ... lets see what you guys think.