The magics of FILE_FLAG_BACKUP_SEMANTICS flag or contradiction in the MSDN library

MSDN: “The FILE_FLAG_BACKUP_SEMANTICS flag specified in the call to CreateFile gives the backup application process permission to read the access-control settings of the file or directory. With this permission, the backup application process can then call GetKernelObjectSecurity and SetKernelObjectSecurity to read and than reset the access-control settings.”.

However there is another (undocumented) behavour of FILE_FLAG_BACKUP_SEMANTICS flag. It allows non-privileged user to flush buffers on a volume.

The documentation for FlushFileBuffers function contradicts the found undocumented behavour: “To flush all open files on a volume, call FlushFileBuffers with a handle to the volume. The caller must have administrative privileges.”

Read this discussion on kernel NG.

Leave a Reply

Your email address will not be published. Required fields are marked *

Identify yourself * Time limit is exhausted. Please reload CAPTCHA.