locked
16 bit apps getting out of their bubble ! RRS feed

  • Question

  • Hi All

    I've seen a couple of sequenced 16 bit apps now that manage to write to the file system and registry on the host machine which is not supposed to happen is it?! 

    16 bit apps run under the NT Virtual DOS Machine (NTVDM.exe) process.  It looks as though the NTVDM is able to write outside of the bubble even though process explorer shows it being inside the bubble.  This came to light when sequenced 16 bit apps behaved differently under an admin logon than a user logon.  I was worried that application was writing to the host machine with admin rights.  I appeared to be right.  In one case a 16 bit dll was being registered at runtime - in the registry on the local machine - path to the control was Q:\....!.  In the other, access to the c:\windows\Temp folder was being checked, worked with admin, errors under user.  Applying rights for user to C:\windows\temp solved the error.

    Can someone explain what might be happening here?  Are there special tricks to use for 16 bit apps ?

    Many Thanks
    zukie
    Monday, April 6, 2009 4:06 PM

Answers

  • do you have
    <ENVIRONMENT VARIABLE="TMP">C:\windows\temp</ENVIRONMENT>
    in OSD Files. If so then change them to
        <ENVIRONMENT VARIABLE="TEMP">%temp%</ENVIRONMENT>
        <ENVIRONMENT VARIABLE="TMP">%temp%</ENVIRONMENT>

    GNU Developer by choice ....
    Monday, April 6, 2009 7:53 PM

All replies

  • Hello,

    Not sure about the .DLL getting registered, however - the temp directory could always be "fully virtualized".
    While sequencing place a file in the directory.
    After sequencing and while in the editor, mark the directory as fully virtualized.

    Make sure you set the appropiate permissions or make sure to uncheck that permissions are to be enforced after sequencing.

    /Znack
    Monday, April 6, 2009 4:46 PM
  • do you have
    <ENVIRONMENT VARIABLE="TMP">C:\windows\temp</ENVIRONMENT>
    in OSD Files. If so then change them to
        <ENVIRONMENT VARIABLE="TEMP">%temp%</ENVIRONMENT>
        <ENVIRONMENT VARIABLE="TMP">%temp%</ENVIRONMENT>

    GNU Developer by choice ....
    Monday, April 6, 2009 7:53 PM
  • Actually, if you have virtualized environment variables TEMP or TMP in your OSD, I recommend removing them totally. This way the virtual app should see user's normal %temp%.

    As for the virtual registry issue with 16-bit apps, it just might be that there's some shims for those 16-bit apps that work outside the bubble and that's why you are getting Q: -paths to real registry. For filesystem -related permission issues (like with TEMP), that can also happen with 32-bit apps too as VFS entries basically dictate what's done with filesystem access.

    br,
    Kalle
    Wednesday, April 8, 2009 11:13 AM
    Moderator
  • I am having a similar issue with a 16-bit application... ATC Challenge is the application (v3.0) and ProcMon is showing an Access Denied error on ntvdm.exe... The virtual application runs fine when administrator or power user... won't run under low priv user.

    Have included \Windows\Temp in the bubble to capture files and tried sequencing with and without enforcing permissions.  I also included the Registry edit for the WOW components... nothing seems to be working.  I was able to sequence the previous version of this application with the above tweaks...

    Any thoughts?

    jcl

    Monday, August 2, 2010 7:55 PM