-
公开(公告)号:US20070162510A1
公开(公告)日:2007-07-12
申请号:US11323952
申请日:2005-12-30
IPC分类号: G06F17/30
CPC分类号: G06F21/6218 , G06F16/188 , G06F16/2365 , G06F16/24562
摘要: Certain applications, especially legacy applications, try to write to areas of the system that require administrator privileges and hence fail to run successfully for users with lessened privileges. The disclosed system redirects certain file writes, i.e., globally impactful file writes to specific locations that require administrator privileges and would otherwise fail for others users, so as to allow the same file writes to succeed by redirecting them to happen in the context of the user, i.e., in a per-user virtualization location. In particular, virtualization only occurs when the application is actually going to write to the file, not just when file access is requested without an intention of writing to or otherwise actually altering the file. Following virtualization, applications are redirected to use the virtualized files. The system thus allows users to run applications that otherwise would not be enabled, and to maintain a higher level of security when doing so.
摘要翻译: 某些应用程序,特别是旧版应用程序,尝试写入需要管理员权限的系统区域,因此无法成功地为具有较少权限的用户运行。 所公开的系统将某些文件写入重定向,即全局影响的文件写入到需要管理员权限的特定位置,否则将为其他用户失败,以便允许相同的文件写入成功通过重定向到在用户的上下文中发生 ,即在每个用户虚拟化位置。 特别地,虚拟化仅在应用程序实际上要写入文件时发生,而不仅仅是当请求文件访问而不打算写入或以其他方式实际改变文件时。 在虚拟化之后,将应用程序重定向到使用虚拟化文件。 因此,系统允许用户运行否则将不能启用的应用程序,并在执行此操作时保持更高级别的安全性。