This project is part of another project, so please don't worry if it does not make complete sense on its own.
Description:
Windows kernel code (passive level) to access files (local AND on network shares) while impersonating the user-mode caller (implicitly) or some other user whose credentials are provided. There is already code available on our side, but it basically opens a file with ZwCreateFile. We cannot provide the existing code in full for legal reasons, but excerpts are not a problem. But I suppose that anyone who has experience with drivers may have a kind of "code envelope" at hand into which he/she can easily put the ZwCreateFile function and the rest. What we need is code that we can integrate into our application and driver and that makes the necessary provisions on both sides (application and driver) to use ZwCreateFile also for files with access restrictions. Our current code works fine on network shares that are "public" (accessible by anyone).
Example: A user-mode application calls the driver and provides a filename (and other information if required). The kernel code opens the file using the access rights of the user-mode caller. If a different user is required to access the file, the user-mode code is informed by the driver and can prompt the user for the required credentials and start a new attempt.
Further Requirements:
- Kernel file access with ZwCreateFile etc. (if possible)
- Required to work with Win XP/Vista/7/Server 2003 + 2008 and all derivatives
- Keeping several file handles open, opened using different impersonations
Attached are two diagrams which should make it clearer. Please do not hesitate to ask if you have further questions.