CSIDL - Shell constants, enumerations, and flags
26 Dec 2006
I worked on an application which had a couple of requirements:
To acheive this, the shell constants were used, as defined in the Windows SDK.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/shellcc/platform/shell/reference/enums/csidl.asp
This worked well, and after we looked at the code we actually ran a battery of tests to confirm. So for example we tried the following types of canonicalizations:
We kept going, and tried breaking out of the local scope as well:
And all that sort of stuff. Using the CSIDL constants proved successful, and we could see this through debugging. Everything we entered was merely relative to the constant value, there was no way to change it.
- Allow users access to their local drive content within a defined scope (e.g. either the entire drive, or the My Documents folder only)
- Prevent users from accessing files outside of the defined scope. So they shouldn't be able to access network drives, USB keys, etc.
To acheive this, the shell constants were used, as defined in the Windows SDK.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/shellcc/platform/shell/reference/enums/csidl.asp
This worked well, and after we looked at the code we actually ran a battery of tests to confirm. So for example we tried the following types of canonicalizations:
- \hostsharefile
- \?folderfile
- \10.10.10.10sharefile
- \.folderfile
We kept going, and tried breaking out of the local scope as well:
- ........boot.ini
- ../../../../boot.ini
- ..%2fboot.ini
And all that sort of stuff. Using the CSIDL constants proved successful, and we could see this through debugging. Everything we entered was merely relative to the constant value, there was no way to change it.