How to disable VirtualStore for C++ programs?

StackOverflow https://stackoverflow.com/questions/4730053

Question

I'd like my program to throw an error when it tries to create files in protected locations like the root of the C:\ drive (eg: FILE* FileHandle = fopen("\\file.txt", a)). Instead the file gets created in the Virtual Store under %APPDATA%.

How can I disable that Virtual Store?

Thanks

EDIT: Just to be clear, I'm not asking how to circumvent the security and create my file in a protected location. I want the file creation to FAIL so that I can tell the user he was an idiot.

Was it helpful?

Solution

You add an application manifest. Choose asInvoker, highestAvailable, or requireAdministrator. It sounds like you want asInvoker.

From http://msdn.microsoft.com/en-us/library/bb756929.aspx:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> 
  <assemblyIdentity version="1.0.0.0"
     processorArchitecture="X86"
     name="IsUserAdmin"
     type="win32"/> 
  <description>Description of your application</description> 
  <!-- Identify the application security requirements. -->
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel
          level="asInvoker"
          uiAccess="false"/>
        </requestedPrivileges>
       </security>
  </trustInfo>
</assembly>

OTHER TIPS

From MSDN:

Virtualization is only enabled for:

  • 32 bit interactive processes
  • Administrator writeable file/folder and registry keys

Virtualization is disabled for:

  • 64 bit processes
  • Non-interactive processes
  • Processes that impersonate
  • Kernel mode callers
  • Executables that have a requestedExecutionLevel

Your best bet, as Adam Maras noted, is to set a requestedExecutionLevel on your application by adding a manifest. A requestedExecutionLevel of "asInvoker" will cause file operations to fail on protected locations, rather than redirecting to the virtual store or prompting for elevation.

Here is an article that shows how to turn off the virtualization.

http://www.interworks.com/blogs/dsmith/2011/09/21/disabling-windows-7-virtual-store

The short of it is:

-From the Windows 7 Start Orb, do a search for Local Security Policy and select it.

-Expand Local Policies and click on Security Options. On the right pane, scroll all the way to the bottom and you will find a setting called " User Account Control: Virtualize file and registry write failures to per-user locations", double click on that setting and change it to Disabled.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top