A Policy DLL's PolApproveRename callback function is called to allow the Policy DLL to approve or reject a file rename operation taking place on a supported file system.
POL_APPROVE_RENAME PolApproveRename;
bool
PolApproveRename(
_In_ FE_POLICY_PATH_INFORMATION *PolicyPathInfo,
_In_ DWORD ThreadId,
_In_ FE_POLICY_PATH_INFORMATION *NewPolicyPathInfo
)
PolicyPathInfo [in]
A pointer to an FESF allocated FE_POLICY_PATH_INFORMATION structure describing the original name of the file being renamed.
If FESF has determined that the source file is in a “bypass” region, then the FE_POLICY_PATH_NAME_BYPASS flag will be set. A bypass region is one in which file opens are always raw (because of interoperability issues).
If the requested rename is to replace an existing file (if one exists) then the FE_POLICY_PATH_REPLACE_IF_EXISTS flag is set.
ThreadId [in]
The identifier of the thread attempting to rename the file.
NewPolicyPathInfo [in]
A pointer to an FESF allocated FE_POLICY_PATH_INFORMATION structure describing the proposed new name of the file being renamed.
Note that if Windows has not been able supply the new name then the FE_POLICY_PATH_TARGET_NAME_INVALID flag will be set and the RelativePath will be invalid.
This is often provoked by renaming a file “through” a directory symbolic link to a network Share.
If FESF has determined that the new name will be in a “bypass” region, then the FE_POLICY_PATH_NAME_BYPASS flag will be set. A bypass region is one in which file opens are always raw (because of interoperability issues).
To approve the rename operation and let it proceed, the PolApproveRename callback function returns TRUE. Otherwise, it returns FALSE.
If FALSE is returned, FESF will fail the thread's rename operation. How the requesting thread/process reacts to having this error returned is dependent on the thread/process.
A Policy DLL's PolApproveRename callback function is called by FESF to allow the Policy DLL to approve or reject a proposed rename operation for security reasons.
Implementation of this callback function is optional for a Policy DLL. If this function is not implemented, FESF uses the behavior specified during initialization in the field OfflineBehavior.ApproveRename.
Solution developers should be VERY cautious about returning FALSE from this callback as a result of what should be non-fatal errors. For example, if you return FALSE (thereby disallowing the requested rename operation) as a result of a function such as GetExecutablePathForThreadId or GetSidForThreadId failing due to a system protection issue, important Windows system activities such as Windows Update can fail. We advise you to use caution and good engineering judgement.
The FESF Sample Solution contains an example implementation of this callback function. This example is part of the provided UM_Sample Visual Studio Solution, the SampPolicy project, and is located in the file SampPolicy.cpp.
|
Software version |
FESF V1 (or later) |
|
Library |
FESFPolicy.lib |
|
Header |
PolDllApi.h |