* [9fans] bind on windows?
@ 2012-04-01 20:12 Nick LaForge
2012-04-01 20:14 ` Nick LaForge
0 siblings, 1 reply; 7+ messages in thread
From: Nick LaForge @ 2012-04-01 20:12 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Windows, I often want to plop a single file into some admin-owned
directory. E.g., I have +rx perms but not write, and some
admin-installed program insists on writing to or reading/executing a
plugin of mine in its own u-w directory. Has anybody used something
like bind on Windows? I found this, but it looks like overkill:
http://dokan.googlecode.com/svn/trunk/dokan/readme.txt
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
2012-04-01 20:12 [9fans] bind on windows? Nick LaForge
@ 2012-04-01 20:14 ` Nick LaForge
2012-04-01 20:41 ` Aram Hăvărneanu
0 siblings, 1 reply; 7+ messages in thread
From: Nick LaForge @ 2012-04-01 20:14 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
(should have said o-w and not u-w)
On 4/1/12, Nick LaForge <nicklaforge@gmail.com> wrote:
> On Windows, I often want to plop a single file into some admin-owned
> directory. E.g., I have +rx perms but not write, and some
> admin-installed program insists on writing to or reading/executing a
> plugin of mine in its own u-w directory. Has anybody used something
> like bind on Windows? I found this, but it looks like overkill:
> http://dokan.googlecode.com/svn/trunk/dokan/readme.txt
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
2012-04-01 20:14 ` Nick LaForge
@ 2012-04-01 20:41 ` Aram Hăvărneanu
2012-04-01 21:05 ` Nick LaForge
[not found] ` <CAEE9J-VwHx-VgOoaORxNcJ3nc3a56s3On7K=_4VuL4CJR6VxpA@mail.gmail.c>
0 siblings, 2 replies; 7+ messages in thread
From: Aram Hăvărneanu @ 2012-04-01 20:41 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
When I was writing Windows file systems for living, I played with the
Dokan library. Played is a very good word, it's a toy, at best. And
maybe even that's an overstatement.
Implementing bind in a file system filter is easy, as far as writing
Windows filesystems goes, but unfortunately to be able to hand it to
people you need to pay around $400 to some certificate authority to
sign your kernel mode driver, else Windows won't load it.
If you're the only user you can add yourself as a certificate
authority, and you can use your own work for free.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
2012-04-01 20:41 ` Aram Hăvărneanu
@ 2012-04-01 21:05 ` Nick LaForge
[not found] ` <CAEE9J-VwHx-VgOoaORxNcJ3nc3a56s3On7K=_4VuL4CJR6VxpA@mail.gmail.c>
1 sibling, 0 replies; 7+ messages in thread
From: Nick LaForge @ 2012-04-01 21:05 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
Thanks; it's for my own convenience and not for others, so
certificates aren't an issue.
On 4/1/12, Aram Hăvărneanu <aram.h@mgk.ro> wrote:
> When I was writing Windows file systems for living, I played with the
> Dokan library. Played is a very good word, it's a toy, at best. And
> maybe even that's an overstatement.
>
> Implementing bind in a file system filter is easy, as far as writing
> Windows filesystems goes, but unfortunately to be able to hand it to
> people you need to pay around $400 to some certificate authority to
> sign your kernel mode driver, else Windows won't load it.
>
> If you're the only user you can add yourself as a certificate
> authority, and you can use your own work for free.
>
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
[not found] ` <CAEE9J-VwHx-VgOoaORxNcJ3nc3a56s3On7K=_4VuL4CJR6VxpA@mail.gmail.c>
@ 2012-04-02 1:19 ` erik quanstrom
2012-04-02 10:05 ` Aram Hăvărneanu
[not found] ` <CAEAzY38nY69vFiKAky8-wk1w0PzWpTfi1oOmFMvzmMDdYrM0og@mail.gmail.c>
0 siblings, 2 replies; 7+ messages in thread
From: erik quanstrom @ 2012-04-02 1:19 UTC (permalink / raw)
To: 9fans
> > Implementing bind in a file system filter is easy, as far as writing
> > Windows filesystems goes, but unfortunately to be able to hand it to
> > people you need to pay around $400 to some certificate authority to
> > sign your kernel mode driver, else Windows won't load it.
iirc, you can load it, but it requires some hoops. getting a hoop-free
version requires a whcl sig, and that costs $75 and a few days of tests.
- erik
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
2012-04-02 1:19 ` erik quanstrom
@ 2012-04-02 10:05 ` Aram Hăvărneanu
[not found] ` <CAEAzY38nY69vFiKAky8-wk1w0PzWpTfi1oOmFMvzmMDdYrM0og@mail.gmail.c>
1 sibling, 0 replies; 7+ messages in thread
From: Aram Hăvărneanu @ 2012-04-02 10:05 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
> iirc, you can load it, but it requires some hoops. getting a hoop-free
> version requires a whcl sig, and that costs $75 and a few days of tests.
You can load it in either two ways, you can boot into test mode, which
disables signature checking and writes "Test mode" in the bottom right
corner of the screen, or you can properly sign the binary yourself and
add yourself as a root CA in the certificate store.
Loading a kernel mode binary doesn't require a WHQL cross-signature,
but WHQL will disable some yellow warnings otherwise shown to the
user. WHQL is very expensive, depends on the type of driver, for what
I was doing it was in the order of $2k/test. Every new version of the
binary required a new test. Other types of drivers are cheaper or more
expensive, we never bothered with WHQL, it was too expensive for us.
There was no WHQL option for file system and I believe that stands
true today as well.
Regular, non-WHQL signature you can use are much expensive than $75,
they are in the order of $500/year:
http://www.symantec.com/verisign/code-signing/microsoft-authenticode/buy
--
Aram Hăvărneanu
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [9fans] bind on windows?
[not found] ` <CAEAzY38nY69vFiKAky8-wk1w0PzWpTfi1oOmFMvzmMDdYrM0og@mail.gmail.c>
@ 2012-04-02 14:34 ` erik quanstrom
0 siblings, 0 replies; 7+ messages in thread
From: erik quanstrom @ 2012-04-02 14:34 UTC (permalink / raw)
To: 9fans
> Loading a kernel mode binary doesn't require a WHQL cross-signature,
> but WHQL will disable some yellow warnings otherwise shown to the
> user. WHQL is very expensive, depends on the type of driver, for what
> I was doing it was in the order of $2k/test. Every new version of the
> binary required a new test. Other types of drivers are cheaper or more
> expensive, we never bothered with WHQL, it was too expensive for us.
> There was no WHQL option for file system and I believe that stands
> true today as well.
i have no explaination for the differences you see, but this is even more
pointless than a bike shed argument. since in the end, the ms machinery
painted the shed whatever color it wanted and now even it itself is locked in for
eternity. :-)
- erik
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2012-04-02 14:34 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-01 20:12 [9fans] bind on windows? Nick LaForge
2012-04-01 20:14 ` Nick LaForge
2012-04-01 20:41 ` Aram Hăvărneanu
2012-04-01 21:05 ` Nick LaForge
[not found] ` <CAEE9J-VwHx-VgOoaORxNcJ3nc3a56s3On7K=_4VuL4CJR6VxpA@mail.gmail.c>
2012-04-02 1:19 ` erik quanstrom
2012-04-02 10:05 ` Aram Hăvărneanu
[not found] ` <CAEAzY38nY69vFiKAky8-wk1w0PzWpTfi1oOmFMvzmMDdYrM0og@mail.gmail.c>
2012-04-02 14:34 ` erik quanstrom
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).