Expect a Secure Desktop
Windows 2000 provides a secure operating environment. This means that access
controls can be placed on various system resources to restrict users from
performing certain operations. These issues come up most often when writing
data to the file system or registry. Security is enforced by the operating
system at a low level and typically cannot be circumvented by applications.
The bottom line is that an administrator can restrict access to files, folders,
and the registry using Access Control Lists (ACLs), and your application needs
to be written with this in mind. The following sections contain a few simple
guidelines that will enable your application to work properly in a secure
environment. The most important things to remember are:
- Classify and store data correctly. It is vital in any managed system that applications store their data correctly. You should ensure that your program writes its data (such as user preferences, program state, temp files, etc.) to the appropriate location.
- Open files and registry keys with the minimum access required. Windows 2000 introduces new security settings that make it possible for system administrators to restrict access to most of a machine. You can avoid unnecessary errors in your application by only opening registry keys and files with the minimum access you need to get the job done.
- Handle access-denied errors and degrade gracefully. “Out of memory or disk space” messages are misleading and frustrating to users who know they have plenty of both. Often the application has mistakenly assumed it had sufficient access to the registry or file system without actually checking beforehand. In other cases, the error handling is simply insufficient to report and handle the event that actually occurred.
- Support encrypted files. Windows 2000 introduces the Encrypted File System (EFS) as a way to protect the privacy of user data. Users or administrators can selectively encrypt files and folders on NTFS 5 file systems. The encryption/decryption is totally transparent to the user, which means that your program needs to handle files carefully rather than assume anything about how they are stored on disk.
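The following is an added example, not code from the original guidelines, showing how the first three points fit together: per-user data is written under the user's profile, the machine-wide settings key is opened read-only because the program only reads it, and an access-denied result falls back to defaults instead of surfacing a misleading error. The vendor and application names (`Contoso\SampleApp`) are placeholders.

```powershell
# Added example (not from the original guidelines). 'Contoso\SampleApp' is a
# placeholder path; substitute your own vendor and product names.
$AppKeyPath = 'SOFTWARE\Contoso\SampleApp'

function Get-MachineSetting {
    param([string]$Name, $Default)
    try {
        # Request read access only (writable = $false). Asking for full access
        # to HKLM would be refused for an ordinary user even though we never write.
        $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($AppKeyPath, $false)
        if ($null -eq $key) { return $Default }     # key not present: use default
        try { return $key.GetValue($Name, $Default) } finally { $key.Close() }
    }
    catch [System.Security.SecurityException] {
        # The ACL denied even read access: degrade gracefully to the default
        # rather than reporting an unrelated "out of space" style error.
        return $Default
    }
}

function Set-UserPreference {
    param([string]$Name, [string]$Value)
    # Per-user preferences belong under HKCU, which the user can always write,
    # not under HKLM, which an administrator may have locked down.
    $key = [Microsoft.Win32.Registry]::CurrentUser.CreateSubKey($AppKeyPath)
    try { $key.SetValue($Name, $Value) } finally { $key.Close() }
}

function Read-UserDataFile {
    param([string]$FileName)
    # User data lives under %APPDATA%, not the program's install directory.
    $path = Join-Path (Join-Path $env:APPDATA 'Contoso\SampleApp') $FileName
    try {
        # Open for reading only; a read-only open also works on EFS-encrypted
        # files the current user owns, since decryption is transparent.
        $stream = [System.IO.File]::Open($path, 'Open', 'Read', 'Read')
        try {
            $reader = New-Object System.IO.StreamReader($stream)
            return $reader.ReadToEnd()
        } finally { $stream.Close() }
    }
    catch [System.IO.FileNotFoundException] { return $null }
    catch [System.UnauthorizedAccessException] {
        # Report the real cause instead of a generic failure.
        Write-Warning "Access to '$path' was denied by its ACL; using defaults."
        return $null
    }
}
```

Running `Get-MachineSetting 'LogLevel' 'Info'` as a non-administrator on a machine where the key's ACL excludes the user returns `Info` instead of throwing.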
Desktop security is an all-pervasive aspect of the Windows 2000 platform. At some point your application will encounter Windows security; it’s just a fact of life. Code defensively, anticipate any security implications, and devise solutions.