{"id":93565,"date":"2016-06-03T07:00:00","date_gmt":"2016-06-03T21:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=93565"},"modified":"2019-03-13T11:50:36","modified_gmt":"2019-03-13T18:50:36","slug":"20160603-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20160603-00\/?p=93565","title":{"rendered":"Why does SetFileValidData fail even though I enabled the SE_MANAGE_VOLUME_NAME privilege?"},"content":{"rendered":"<p>A customer reported that their call to <a HREF=\"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/20110922-00\/?p=9573\"><code>Set&shy;File&shy;Valid&shy;Data<\/code><\/a> was failing with <code>ERROR_PRIVILEGE_NOT_HELD<\/code> despite the fact that they held the privilege whose name is defined by the symbol <code>SE_MANAGE_VOLUME_NAME<\/code>. (Note that the &#8220;name&#8221; in &#8220;manage volume name&#8221; doesn&#8217;t mean that you are managing the name of the volume; rather it means &#8220;This is the name of the privilege for managing volumes.&#8221;) <\/p>\n<p>The customer was kind enough to <a HREF=\"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/20131018-00\/?p=2893\">reduce<\/a> the problem to a simple program: <\/p>\n<pre>\n#include &lt;windows.h&gt;\n\nint main(int argc, char** argv)\n{\n \/\/ This succeeds\n HANDLE h = CreateFileW(L\"test\", GENERIC_WRITE, 0, nullptr,\n   CREATE_ALWAYS, FILE_FLAG_NO_BUFFERING | FILE_FLAG_OVERLAPPED,\n   nullptr);\n\n LARGE_INTEGER newSize;\n newSize.QuadPart = 256 * 1024 * 10;\n \/\/ This succeeds\n SetFilePointerEx(h, newSize, nullptr, FILE_BEGIN);\n\n \/\/ This succeeds\n SetEndOfFile(h);\n\n HANDLE hToken;\n \/\/ This succeeds\n OpenProcessToken(GetCurrentProcess(),\n      TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &amp;hToken);\n\n \/\/ This succeeds\n <a HREF=\"https:\/\/msdn.microsoft.com\/library\/windows\/desktop\/aa446619(v=vs.85).aspx\">SetPrivilege<\/a>(hToken, SE_MANAGE_VOLUME_NAME, TRUE);\n\n \/\/ This succeeds\n CloseHandle(hToken);\n\n \/\/ This fails with ERROR_PRIVILEGE_NOT_HELD\n SetFileValidData(h, newSize.QuadPart);\n\n CloseHandle(h);\n\n return 0;\n}\n<\/pre>\n<p>The answer is hidden in <a HREF=\"https:\/\/msdn.microsoft.com\/library\/windows\/desktop\/aa365544(v=vs.85).aspx\">the documentation for the <code>Set&shy;File&shy;Valid&shy;Data<\/code> function<\/a>: <\/p>\n<blockquote CLASS=\"q\"><p>A caller must have the <b>SE_MANAGE_VOLUME_NAME<\/b> privilege enabled when opening a file initially. <\/p><\/blockquote>\n<p>The program didn&#8217;t enable the manage volume privilege until after it had already created the file handle. <\/p>\n<p>This requirement that the privilege be active at the point the handle is created becomes less surprising when you realize that the general policy for kernel object security is that security is checked at the time handles are created, rather than when they are used. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>It&#8217;s all in the timing.<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[25],"class_list":["post-93565","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-code"],"acf":[],"blog_post_summary":"<p>It&#8217;s all in the timing.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/93565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=93565"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/93565\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=93565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=93565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=93565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}