TONT 35853 当人们要将安全漏洞作为功能的时候:在资源管理器中隐藏文件

请注意:本页内容发布于 1709 天前,内容可能已经过时,请注意甄别。

原文链接:https://devblogs.microsoft.com/oldnewthing/20050419-50/?p=35853

By default, Explorer does not show files that have the FILE_ATTRIBUTE_HIDDEN flag, since somebody went out of their way to hide those files from view.

通常情况下,资源管理器不会显示带有 FILE_ATTRIBUTE_HIDDEN 标签的文件,因为有人特意将这些文件在视图中隐藏了。

You can, of course, ask that such files be shown anyway by going to Folder Options and selecting “Show hidden files and folders”. This shows files and folders even if they are marked as FILE_ATTRIBUTE_HIDDEN.

当然,你也可以刻意要求将这些文件显示出来,方法是在『文件夹选项』中勾选『显示隐藏的文件和文件夹』。这样即便被标记了 FILE_ATTRIBUTE_HIDDEN 标签的文件和文件夹也会被显示出来。

On the other hand, files that are marked as both FILE_ATTRIBUTE_HIDDEN and FILE_ATTRIBUTE_SYSTEM remain hidden from view. These are typically files that involved in the plumbing of the operating system, messing with which can cause various types of “excitement”. Files like the page file, folder configuration files, and the System Volume Information folder.

另一方面,同时具有 FILE_ATTRIBUTE_HIDDEN  和 FILE_ATTRIBUTE_SYSTEM 标签的文件在视图中仍然是隐藏的,这类文件通常是对系统来说至关重要的,对这些文件乱来会造成各种各样『激动人心』的事情,例如页面文件(译注:虚拟内存)、文件夹的配置文件、以及卷信息(System Volumn Information)文件夹。

If you want to see those files, too, then you can uncheck “Hide protected operating system files”.

如果你想看到这些文件,可以选择取消勾选『隐藏受保护的系统文件』。

Let’s look at how far this game of hide/show ping-pong has gone:

现在我们来看看这场隐藏与显示猫鼠游戏走到了什么地步:

Show(显示) Hide(隐藏)
1. Normal file(普通文件)
2. Hidden file(带有隐藏属性的文件)
3. “Show hidden files”(『显示隐藏的文件(和文件夹)』)
4. Hidden + System(带有隐藏+系统属性的文件(和文件夹))
5. “Show protected
operating system files”(『显示受保护的系统文件』)

You’d think this would be the end of the hide/show arms race, but apparently some people want to add a sixth level and make something invisible to Explorer, overriding the five existing levels.

你可能以为这场隐藏与现实的军备竞赛就到此为止了,但很显然,有人还想再加一个第六级别,让某些东西在资源管理器中不可见,凌驾于现有的五层设计之上。

At some point this back-and-forth has to stop, and for now, it has stopped at level five. Adding just a sixth level would create a security hole, because it would allow a file to hide from the user. As a matter of security, a sufficiently-privileged user must always have a way of seeing what is there or at least know that there is something there that can’t be seen. Nothing can be undetectably invisible.

这种你来我往的竞赛到了某种程度就应该打住了,而目前则停在了第五级上。只增加一个第六级会催生一个安全漏洞,因为那样就会允许某个文件对用户不可见。出于安全考虑,某个具备足够权限的用户必须总是有办法看到某处有什么东西,或者至少知道那里有什么目前看不到的东西。任何东西完全隐形、无法被检测到是不可以的。

If you add a sixth level that lets a file hide from level five, then there must be a level seven that reveals it.

如果你真的增加了在第五级的情况下看不到的第六级,那么就必须有第七级可以解除这种限制。

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注

 剩余字数 ( Characters available )

Your comment will be available after auditing.
您的评论将在通过审核后显示。

Please DO NOT add any links in your comment, otherwise it would be identified as SPAM automatically and never be audited.
请不要在评论中插入任何链接,否则将被自动归类为垃圾评论,且永远不会被提交给博主进行复审。

*