To Boldly Go Where No Technician Has Gone Before

Windows likes to hide certain files and folders in its operating systems. As technicians, we sometimes need access to those files and folders. One of the famous ones is where Internet Explorer stores its temporary cache files. This is in the folder C:\documents and settings\local settings\Temporary Internet Files.

Upon looking at this folder in Windows Explorer, we see this:

The fact is, this is not a true representation of what is really in the folder. For that, we have to hit a command prompt:

Another folder with this restriction was C:\windows\system32\dllcache. In at least Windows 2000, if you tried to navigate to this folder from Windows Explorer, you wouldn’t find it. However, it appears they lifted that restriction, at least in Windows XP SP2.

So is this a Windows issue or an Explorer issue? To find out, let’s load up FreeCommander 2006 and see if we can see the Temporary Internet Files folder:

Lo and behold, we see it! So there is code in explorer.exe to block users from seeing that folder. If you want to see all the files and folders on your hard drive, it’s best not to use Explorer, but a 3rd party file program.

Windows Vista takes this a step further and removes the administrators group from system folders. That means that just because you are an administrator doesn’t mean you are a “demigod” anymore. If you have UAC enabled on Windows Vista, always remember the following: “Administrators run as standard users, even when in the administrators group with UAC turned on”. You are only given the “demigod” token when UAC prompts you to elevate for a certain action. As soon as the action is complete, the token is taken away.

This “feature” is designed so that if someone with administrative privileges runs a spyware program, that program cannot inject itself into critical system folders, or so Microsoft says. When you run a setup program, Windows Vista detects certain manifests within the setup program and gives it the TrustedInstaller token. This allows it to write to C:\windows, among other folders. So what would prevent a spyware programmer from making all of his spyware programs setup-like programs? Not quite sure myself. My guess is that Microsoft is trying to educate us. If you visit a web site and it wants to run a setup program, a red flag should go up right away. Hitting yes to that prompt gives that program the right to modify your system files.

If you are an administrator and need to modify files in C:\windows or other folders, you now have to take ownership of said files and folders. Once you do this, you can modify the security to give yourself write access.
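The take-ownership step described above can be done so that it is reversible. The following PowerShell sketch is an added example, not part of the original post: it assumes an elevated session on Windows Vista or later, uses the built-in takeown.exe and icacls.exe tools on a single file, and its function names and backup location are illustrative.

```powershell
# Added example. Function names and the backup location are illustrative.
function Test-Elevated {
    # True only when this process holds the full (elevated) administrator token.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Grant-TemporaryWrite {
    param([Parameter(Mandatory=$true)][string]$Path,
          [string]$BackupDir = (Join-Path $env:TEMP 'acl-backup'))
    if (-not (Test-Elevated)) { throw 'Run this from an elevated prompt.' }
    $item  = Get-Item -LiteralPath $Path -Force
    $owner = (Get-Acl -LiteralPath $item.FullName).Owner   # remember the original owner
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $backup = Join-Path $BackupDir ($item.Name + '.acl')

    icacls $item.FullName /save $backup | Out-Null         # record the DACL before changing it
    if ($LASTEXITCODE -ne 0) { throw "Could not save ACL for $Path" }
    takeown /F $item.FullName /A | Out-Null                # owner becomes the Administrators group
    if ($LASTEXITCODE -ne 0) { throw "takeown failed for $Path" }
    icacls $item.FullName /grant '*S-1-5-32-544:(M)' | Out-Null  # Modify for BUILTIN\Administrators
    if ($LASTEXITCODE -ne 0) { throw "icacls /grant failed for $Path" }

    # Everything needed to undo the change later.
    New-Object PSObject -Property @{ Path = $item.FullName; Owner = $owner; Backup = $backup }
}

function Restore-OriginalAcl {
    param([Parameter(Mandatory=$true)]$State)
    $parent = Split-Path -Parent $State.Path
    # Restore the DACL first, while we still own the file, then hand ownership back.
    icacls $parent /restore $State.Backup | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "ACL restore failed for $($State.Path)" }
    icacls $State.Path /setowner $State.Owner | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "Could not restore owner $($State.Owner)" }
}

# Usage (the path is a placeholder):
# $state = Grant-TemporaryWrite -Path 'C:\path\to\protected\file'
# ... make the change ...
# Restore-OriginalAcl -State $state
```

icacls /save records only the access control list, not the owner, which is why the original owner is captured separately and set back with /setowner.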

– Soli Deo Gloria
