May 22nd, 2015

So you decided to call SHFileOperation from a service, at least remember to disable copy hooks

I noted some time ago that it is highly inadvisable to call SHFile­Operation from a service, and then I thought about it some more and concluded, it’s flat-out wrong, at least in the case where you call it while impersonating.

Now, I’m sure that my opinion won’t dissuade many of you, but if you decide to do it anyway, at least disable shell copy hooks by passing the FOFX_NO­COPY­HOOKS flag to IFile­Operation::Set­Operation­Flags. (We’ve met this flag before.)

By default, shell copy hooks are active during shell file operations, and this creates a number of problems when called from a service.

First of all, those copy hooks are unlikely to be designed to handle being run in a service. (When you write your own shell extension, do you make sure it also works when run in a service?) They’re probably going to try to log the file activity, possibly to a back-end service, or maybe check with a back-end service whether this file copy should be allowed, and if not, they’re probably going to display a dialog box saying “The file cannot be moved/copied/deleted because I’m a mean person who hates you due to restrictions imposed by your administrator.” (Or worse, they may secretly copy the file to an undisclosed location before allowing the operation through.)

Second of all, you probably don’t want those copy hooks intefering with your file operation, whatever it is. Your service is trying to clean up files, or it’s moving files around for its own internal purposes, and if a copy hook showed up and blocked the operation, your service is now in a weird inconsistent state.

Note that I still consider SHFile­Operation inadvisable from a service. I’m just trying to stop you from digging your hole any deeper than it already is.

Topics
Code

Author

Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information.

0 comments

Discussion are closed.