Date: | January 31, 2006 / year-entry #40 |
Tags: | history |
Orig Link: | https://blogs.msdn.microsoft.com/oldnewthing/20060131-00/?p=32453 |
Comments: | 24 |
Summary: | On FAT drives, the directory that stores files in the Recycle Bin is called C:\RECYCLED, but on NTFS drives, its name is C:\RECYCLER. Why the name change? The FAT and NTFS Recycle Bins have different internal structure because NTFS has this thing called "security" and FAT doesn't. All recycled files on FAT drives are dumped... |
On FAT drives, the directory that stores files in the Recycle Bin is called C:\RECYCLED, but on NTFS drives, its name is C:\RECYCLER. Why the name change?

The FAT and NTFS Recycle Bins have different internal structure because NTFS has this thing called "security" and FAT doesn't. All recycled files on FAT drives are dumped into a single

Suppose the same directory name were used for both file systems, say,

Giving the NTFS Recycle Bin a different name means that the Recycle Bin shell folder won't get confused by the "wrong" type of recycle bin directory structure on an NTFS volume.

Yes, the problem could have been solved some other way. For example, there could have been code to inspect the Recycle Bin directory to determine what format it is and ignore it if it didn't match the actual file system. (Or, if you're feeling really ambitious, somehow convert from one format to the other.)

But that would be over-engineering. You have to write and test the detection (and possibly conversion) code, there's the risk of a false-positive, the code runs at every boot, and it needs to be maintained whenever either the FAT or NTFS recycle bin format changes. All for a scenario that happens at most once per drive.

Or you could change one text string and be done with it.

(I could make some really awful "Gordian knot"/"string" remark here but will refrain.)
Comments (24)
A recycle bin on a FAT-NTFS converted drive is still FAT, not NTFS?
Or you could make emptying the recycling bin part of the conversion process, thus eliminating the possibility of confusion.
2. What if you had a regular folder whose name happened to be "RECYCLED"? The conversion would delete it!
Sebastian wrote:
"Or you could make emptying the recycling bin part of the conversion process, thus eliminating the possibility of confusion."
That would remove control of such operations from the user. I and I alone should be the one to make the decision on when to remove or recall contents from the recycle bin.
Also, the word "conversion" means to transform from one format to another – not transform and change half my stuff in the process.
James
oldnewthing wrote:
"2. What if you had a regular folder whose name happened to be "RECYCLED"? The conversion would delete it!"
———
What happens in the other case, when you have a folder named "RECYCLER" on a FAT partition and convert it to NTFS?
I see that the folder is accessible on my NTFS drives, and that I can get into subfolders fine (Norton put an NPROTECT folder in there that I can get into and see files).
This makes me think that whatever you have before the conversion will still be there and accessible after the conversion (unless you have a folder that happens to be named "S-…", which Explorer won’t let me look at; it brings up Unerase Wizard). If this is the case, then why was the name change necessary? Files in the old recycling bin would still be there after the conversion, and wouldn’t be "lost" to the user.
I think the reason might be that "RECYCLER" is a hidden system folder, so users who have Explorer set up to not show files and folders flagged like that would never see it (especially those who don’t know about the option)… but "RECYCLED" on a FAT partition should be flagged the same way, and the conversion shouldn’t change that; because then it would have knowledge of a higher-level component.
Extra shell logic is needed anyway to handle FAT/NTFS differently, so with about the same amount of complexity it could have just automatically detected (and handled) the two possible types of storage inside the same folder name. This way it would have been more elegant/uniform IMO.
Another solution would have been to move the whole "recycle bin" logic to a lower level (something like NProtect or Salvage on Netware volumes), but I understand this is a utopia considering the history of Windows.
Orlphar,
Perhaps a better question is what happens if there is a file called "RECYCLER"…
Why not just have FAT use an "Everyone" SID?
Edge cases!
Tuesday, January 31, 2006 11:59 AM by James Summerlin
> I and I alone should be the one to make the
> decision on when to remove or recall contents
> from the recycle bin.
You’re in for at least two big disappointments.
1. If the size occupied by files in the recycle bin reaches some threshold, Windows automatically deletes some. The threshold doesn’t depend on how much unused free space remains available in the partition for ordinary applications to write files, the threshold depends on some percentage of the original size of the partition.
2. Limited users can look in the recycle bin, see files that administrative users put in it, and permanently delete them. (I didn’t think of trying to restore one, which could potentially be a security risk.)
"What happens in the other case, when you have a folder named "RECYCLER" on a FAT partition and convert it to NTFS?"
Or, similarly, what did Windows 95 do when a drive already had something named RECYCLED on it? Interesting that the opportunity was not taken to use a name that could not have existed before LFN.
"Also, the word ‘conversion’ means to transform from one format to another – not transform and change half my stuff in the process."
The recycle bin isn’t converted anyway. I dunno, I don’t think I’d have a problem with someone dumping my trash out while moving between offices.
Then again, I always use shift-delete on files…
I imagine any user can empty all the existing files in the recycling bin just by deleting enough new files to hit the allocated percentage. Regardless of ACLs.
If you have a situation where Limited Users can look into or modify the contents of another user’s Recycle Bin, you’ve done something [unsupported] to mess with the default ACLs. Some [unsupported/unsupportable] 3rd party security guidance recommends file system ACL changes that have this unintended side effect. The ACL on each RECYCLER\S-… folder should allow access only to the user whose Bin it is, to Administrators and to SYSTEM. The folder is created by Explorer when Recycle Bin functionality is first invoked by that user and ACLed at that time. (The user should also be the owner of the folder.)
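The ACL layout described in the comment above can be checked with a short audit script. This is an added example, not part of the original post or its comments; the `$BinRoot` parameter name is hypothetical, and it assumes PowerShell 3.0 or later running elevated (for instance against a legacy volume attached to a newer system).

```powershell
# Added example: flag per-user Recycle Bin folders whose owner or ACL departs
# from the expected layout (bin owner, Administrators and SYSTEM only).
# Assumption: run elevated, otherwise other users' folders cannot be read.
param(
    [string]$BinRoot = 'C:\RECYCLER'   # NTFS Recycle Bin directory named in the article
)

$sidType   = [System.Security.Principal.SecurityIdentifier]
$wellKnown = @('S-1-5-18', 'S-1-5-32-544')   # SYSTEM, BUILTIN\Administrators

# -Force is required because the bin folders are hidden system directories.
Get-ChildItem -LiteralPath $BinRoot -Directory -Force -Filter 'S-*' |
    ForEach-Object {
        $dir    = $_
        $binSid = $dir.Name                    # folder name is the bin owner's SID
        $acl    = Get-Acl -LiteralPath $dir.FullName

        # Ask for raw SIDs so unresolvable (deleted or foreign) accounts do not throw.
        $owner = $acl.GetOwner($sidType).Value

        # Allow ACEs (explicit or inherited) granted to anyone other than
        # the bin owner, Administrators or SYSTEM.
        $extra = @(
            $acl.GetAccessRules($true, $true, $sidType) |
                Where-Object {
                    $_.AccessControlType -eq 'Allow' -and
                    $_.IdentityReference.Value -ne $binSid -and
                    $wellKnown -notcontains $_.IdentityReference.Value
                } |
                ForEach-Object { $_.IdentityReference.Value } |
                Sort-Object -Unique
        )

        [pscustomobject]@{
            Folder        = $dir.FullName
            OwnerIsUser   = ($owner -eq $binSid)
            ExtraGrantees = $extra -join ','
            Compliant     = ($owner -eq $binSid) -and ($extra.Count -eq 0)
        }
    }
```

Rows with `Compliant` set to `False` are the folders where someone other than the bin's user, Administrators or SYSTEM has been granted access, or where the user does not own the folder.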
"Also, the word ‘conversion’ means to transform from one format to another – not transform and change half my stuff in the process."
Well, as long as it would *tell you* that it will empty the recycle bin when converting, there’s nothing to complain about.
> I imagine any user can empty all the existing files in the recycling
> bin just by deleting enough new files to hit the allocated percentage.
> Regardless of ACLs.
I’m not sure if that would be true. Now, obviously I know nothing of Windows’ architecture, but if it was *me* doing it, then when the Recycle bin reaches its "maximum percentage of the disk", I’d start deleting files out of the *current user’s* section (i.e. under my S-* sub-folder) – oldest files first, of course.
That would mean that a single user could never delete other users’ files, because the Recycle Bin would only ever be deleting his own files.
But that’s just me guessing.
While we’re on the recycle bin, why does it sometimes get the ‘full’ icon when it is empty? The effect even seems to survive a reboot.
Thursday, February 02, 2006 9:51 AM by Stu
> While we’re on the recycle bin, why does it
> sometimes get the ‘full’ icon when it is
> empty?
Because it runs out of disk space trying to record the fact that the recycle bin is empty? No, unfortunately for this answer, that’s not how it happens, because it really fails to empty the recycle bin in such a case.
> The effect even seems to survive a reboot.
Now for THAT we do know the answer. Whenever it thinks it’s changed the status of the recycle bin, it records the status in the registry. And then it just believes the registry instead of checking the actual recycle bin, because of this:
http://blogs.msdn.com/oldnewthing/archive/2006/01/24/516808.aspx
Sorry for two in a row but here’s the result of a small partial experiment.
In an NTFS partition I created a file (not folder) named RECYCLER
Then created a small scratch file, then right-clicked it and selected Delete. Explorer didn’t ask if I wanted to move the file to the recycle bin, Explorer asked if I wanted to delete the file.
(Now I wonder, if I create a file named "System Volume Information" on every external USB and SCSI hard drive partition, then will Windows XP refrain from putting restore points on them.)
What user mode APIs can give you the SID for the current user?
Is this documented anywhere, or did it take you 4 months of code reviewing to find out why the names differ?
Joe:
Try LookupAccountName in advapi32.dll:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/lookupaccountname.asp
You can ask for its description ID.