I'm designing a system that will write time series data to a file. The data is blocks of 8 bytes divided into two 4 bytes parts, time and payload. According to MSDN the WriteFile function is atomic ( http://msdn.microsoft.com/en-us/library/aa365747(VS.85).aspx ), if the data written is less then a sector in size. Since the file will o...
I will use the Linux NTFS driver as an example. The Linux kernel NTFS driver only has very limited write support in the kernel, and after 5 years it is still considered experimental. The same development team creates the ntfsmount userspace driver, which has almost perfect write support. Likewise, the NTFS-3G project which is written ...
My goal is to store a NTFS Security Descriptor in its identical native state. The purpose is to restore it on-demand. I managed to write the code for that purpose, I was wondering if anybody mind to validate a sample of it? (The for loop represents the way I store the native descriptor) This sample only contains the flag for "OWNER", b...
Hello all, I'm trying to create a utility which exports a file's security descriptor, and re-assign it on demand. I've created a test sample, which uses GetSecurityInfo() with the DACL flag, and then try to re-assign the very same DACL with SetSecurityInfo(). Before applying SetSecurityInfo(), the descriptor's 'Control' is: 0xA004 , SE...
Is there a tool that would show me for a specific file on disk, how fragmented it is? (How many seeks does physical disk need to make if I were to read that file in a linear fashion) ...
I'm trying to extract and restore a Security Descriptor of a NTFS file, via Windows API - XP SP3, I'm trying to understand which functions are actually able to do it properly, but I simply fail. I found this Remark over MSDN: http://msdn.microsoft.com/en-us/library/aa379573%28VS.85%29.aspx "Some SECURITY_INFORMATION members work only w...
Hello all, I'm just a beginner and I have a need to parse a NTFS partition for the purpose of extracting Security Descriptors. (I been trying to use the native functions of the Windows API, but my conclusion is that something is seriously wrong with the functions' behavior, or their documentation.) I was wondering if anybody here experi...
I heard that the NTFS file system is basically a b-tree. Is that true? What about the other file systems? What kind of trees are they? Also, how is FAT32 different from FAT16? What kind of tree are the FAT file systems using? ...
Hi, I want to develop a program that copies a partition's 'data' only, to another partition. And I want to do it such that the program starts from the first sector of source partition and checks if a sector is used. If it is used copy it to the destination parition. Else don't copy. In other words it's like copying only th...
I have a partition, formatted as NTFS. I have studied that devices formatted as NTFS have a MFT (Master File Table) which contains a lot of information about the contents of a devices. Is MFT really a file? Where is it located? How can I view it? I, actually want to view the $BITMAP to know the locations of all the files and directo...
I am a little confused about setting NTFS Permissions to a directory after I created Active Directory Groups (both programmatically). When I created the Active Directory Objects then I have to wait a few seconds to set the NTFS Permissions. If I have not this timeout then I get sometimes an error message that the identify (active directo...
If I'm writing a simple text log file from multiple processes, can they overwrite/corrupt each other's entries? (Basically, this question http://stackoverflow.com/questions/1154446/is-file-append-atomic-in-unix but for Windows/NTFS.) ...
I have written a small crawler to scan and resort directory structures. It based on dirent(which is a small wrapper around FindNextFileA) In my first benchmarks it is surprisingy slow: around 123473ms for 4500 files(thinkpad t60p local samsung 320 GB 2.5" HD). 121481 files found in 123473 milliseconds Is this speed normal? This is my ...
A directory exists with a total of 2,153,425 items (according to Windows folder Properties). It contains .jpg and .gif image files located within a few subdirectories. The task was to move the images into a different location while querying each file's name to retrieve some relevant info and store it elsewhere. The script that used File...
Does anyone know of any software that can extract the $bitmap file from NTFS images? Or does anyone know of any site that documents NTFS enough so that I can code this myself? (I want to read the $bitmap so I can identify what clusters are not in use, so they can be removed from the images) ...
I need a user-mode filesystem filter (not virtual filesystem). One of such frameworks is http://eldos.com/cbflt/, but it has some bugs and I need an alternative. Suggest similar frameworks. ...
Does Perforce supports file streams on Windows, on NTFS? ...
I want to know what information is contained in the NTFS metadata. But I couldn't find the paper anywhere. I guess the metadata has a filename, a size and an attributes etc. Has NTFS metadata also got a Shortpath name? What information is contained in the NTFS metadata? Do you know a good site or a page about this? If you do, please le...
I have been analysing Ntdll file system functions from the total ntdll function list. First, I obtain the total function list from ntdlls export directory. Next, I seperated the file management set from the total function list and tried hooking the entire file management set. However, I miss to hook a function, which i dint know. Hence...
I would like to write a program that reads all the unused clusters on an NTFS volumne. (I'm looking to recover data from a file that was accidentally truncated). According to this page I can call SetFilePointer() and ReadFile() on the volume handle to go through each logical cluster on the volume. But how do I know which clusters ar...