WindowsSearchSafeFilter.exe permission issue

Hot Topic

Anti-view source code
Generics and Inheritance question
Serialization
ProgressChanged not being called?
Design Issue
How do I organize my code in small segements that I can minamize??
A beautiful language ruined by generics
Add new user in LDAP (DirectoryEntry)
Resize Window and controls on resize..
Bind with WindowsIdentity

Visual C#

Determining IIS Options via C#
Enum question C# and VB
Launching Novell mail client programmatically
Indexing never ends with Norton Protected Recycle Bin
How do i convert a string in yyyy-mm or mm-yyyy format to a DateTime?
The program made by VS.NET 2003 with .NET Framework v1.1 can run under .NET Framework v2.0, right?
How to write "javadoc" in C#?
Creating a Service
creating a dom navigable document from a string
'Couldn't find specified module.', 'FileNotFoundException' when declaring class

WindowsSearchSafeFilter.exe permission issue

It seems when I click an item of my custom file type in WDS search result window, my IFilter will be loaded by WindowsSearchSafeFilter.exe [Version info: 02.06.5000.5378(winmain(wmbla).060313-1257))]

Something strange here is that: in my IFilter, I can only create and write new temp files, but not delete them, the error returned is always 5 (ERROR_ACCESS_DENIED)

I used FileMon tool to monitor the handles, it's not accessed by someone else. To further test this, I tried following when the Ifilter is called:

1 create a temp file

2 write a few bytes to the file

3 close the file

4. Then try to delete the file, it returns error 5

I don't have this issue when the IFilter is loaded by WindowsSearchFilter.exe. Also, at step 4 above, I can delete the file from Windows explorer. TaskMgr shows all these processes are running under the current user, file ACL shows the current user as owner with full control.

So I'm wondering if there is some special security handling in WindowsSearchSafeFilter.exe If so, how can I clean up my temp files

Thanks a lot!

Answer this question

WindowsSearchSafeFilter.exe permission issue

  • Robert Wright

    Hello wzhao2000,

    After some research and advice from my colleagues I have obtained the following information (note this is a quote):

    The filter host runs under restricted security token and trims privileges as much as it can; leaving the only minimum required for operation. This is done in order to execute third-party filters in the safest manner. Ideally, IFilters are not supposed to create temporary files. It’s better to avoid using temporary files for both security and performance reasons.

    Here is a fragment from “Platform SDK: Indexing Service, Secure Code Practices” (http://msdn.microsoft.com/library/default.asp url=/library/en-us/indexsrv/html/ixarch_8a0j.asp):

    “…Avoid creating temporary files or writing to the registry…”

    The user can try to call CreateFile with FILE_FLAG_DELETE_ON_CLOSE, however I don’t guarantee that it will help.

    (FILE_FLAG_DELETE_ON_CLOSE will make the system auto-delete a temporary file on close)

    In the event that you need to use temp files you might give the above a try. If at all possible, it is probably best to avoid creating temp files with the IFilter for security reasons.

    Paul Nystrom - MSFT



  • WindowsSearchSafeFilter.exe permission issue
Answer this question