Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.0k views
in Technique[技术] by (71.8m points)

security - Reproducing the blocked exe "unblock" option in file properties in windows 2003

When I download my program from my website to my windows 2003 machine, it has a block on it and you have to right click on the exe, then properties, then select the button "Unblock".

I would like to add detection in my installer for when the file is blocked and hence doesn't have enough permissions.

But I can't eaisly reproduce getting my exe in this state where it needs to be unblocked.

How can I get the unblock to appear on my exe so I can test this functionality?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

This is done using NTFS File Streams. There is a stream named "Zone.Identifier" added to downloaded files. When IE7 downloads certain types of file that stream contains:

[ZoneTransfer]
ZoneId=3

The simplest way to set it is to create a text file with those contents in it, and use more to add it to the alternate stream.

Zone.Identifier.txt:

[ZoneTransfer]
ZoneId=3

Command:

more Zone.Identifier.txt > file.exe:Zone.Identifier

Then, the way for you to check it would be to try to open the Zone.Identifier stream and look for ZoneId=3, or simply assume that if the stream exists at all that your user will receive that warning.

It's also important to note that this has nothing to do with permissions. Administrators see the same warning; it's to do entirely with the source and type of file. The entire stream goes away when users uncheck the "Always ask before opening this file" box and then click Run.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...