nihilist/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt synced 2024-11-10 05:03:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

Windows: if /fastCreateFile set, request SE_MANAGE_VOLUME_NAME privileges (credits: @xnoreq)

Browse Source 
Display a warning if request failed and allow to continue without fast creation
This commit is contained in:
Mounir IDRASSI 2023-06-23 00:36:07 +02:00
parent 0e4f1ecee3
commit bb55343f63
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F
2 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/Common/Format.c
View File

@ -401,12 +401,29 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
if (speedupFileCreation)
{
// accelerate file creation by telling Windows not to fill all file content with zeros
// this has security issues since it will put existing disk content into file container
// We use this mechanism only when switch /fastCreateFile specific and when quick format
// also specified and which is documented to have security issues.
// we don't check returned status because failure is not issue for us
SetFileValidData (dev, volumeSize.QuadPart);
if (!SetPrivilege(SE_MANAGE_VOLUME_NAME, TRUE))
{
DWORD dwLastError = GetLastError();
if (Silent || (MessageBoxW(hwndDlg, GetString ("ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME"), lpszTitle, MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2) == IDNO))
{
SetLastError(dwLastError);
nStatus = ERR_OS_ERROR;
goto error;
}
}
else
{
// accelerate file creation by telling Windows not to fill all file content with zeros
// this has security issues since it will put existing disk content into file container
// We use this mechanism only when switch /fastCreateFile specific and when quick format
// also specified and which is documented to have security issues.
// we don't check returned status because failure is not issue for us
if (!SetFileValidData (dev, volumeSize.QuadPart))
{
nStatus = ERR_OS_ERROR;
goto error;
}
}
}
if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0)

1
src/Common/Language.xml
View File

@ -389,6 +389,7 @@
<entry lang="en" key="ADMINISTRATOR">Administrator</entry>
<entry lang="en" key="ADMIN_PRIVILEGES_DRIVER">In order to load the VeraCrypt driver, you need to be logged into an account with administrator privileges.</entry>
<entry lang="en" key="ADMIN_PRIVILEGES_WARN_DEVICES">Please note that in order to encrypt, decrypt or format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes.</entry>
<entry lang="en" key="ADMIN_PRIVILEGES_WARN_MANAGE_VOLUME">Unable to activate fast file creation: Administrator privileges required.\nPlease relaunch the program as an Administrator to enable this feature.\n\nWould you like to proceed without fast file creation?</entry>
<entry lang="en" key="ADMIN_PRIVILEGES_WARN_HIDVOL">In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue?</entry>
<entry lang="en" key="ADMIN_PRIVILEGES_WARN_NTFS">Please note that in order to format the volume as NTFS/exFAT/ReFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT.</entry>
<entry lang="en" key="AES_HELP">FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS.</entry>