Содержание

Windows Resource Protection
Windows Resource Protection
Содержание
Обзор
Защищаемые ресурсы
См. также
Ссылки
Смотреть что такое «Windows Resource Protection» в других словарях:
About Windows Resource Protection
Using Windows Installer and Windows Resource Protection
WFP for Windows Server 2003 and Windows XP/2000
Component Key Files Protected by WFP
Installation of Assemblies by WFP

Windows Resource Protection

Windows Resource Protection (сокр. WRP) — технология, используемая в ОС Windows Vista взамен Windows File Protection. Она защищает ключи реестра и папки, наряду с критически важными системными файлами. Методы, используемые этой технологией для защиты ресурсов, заметно отличаются от аналогичных приёмов Windows File Protection.

Содержание

Обзор

Windows File Protection работала путём регистрации изменений файлов в Winlogon. Если защищённый системный файл подвергался изменениям, он восстанавливался из папки %WinDir%\System32\dllcache. Windows Resource Protection работает, устанавливая дискретные списки доступа (DACLs) и ACL для защищаемых объектов. Разрешение на чтение-запись WRP-защищённых объектов допускается лишь процессам, использующим службу Windows Modules Installer (TrustedInstaller.exe). Теперь даже у администраторов нет прав полного доступа к системным файлам.

Защищаемые ресурсы

Windows Resource Protection предоставляет защиту многочисленным типам файлов:

.dll, .exe, .ocx, .sys, .acm, .ade, .adp, .app, .asa, .asp, .aspx, .ax, .bas, .bat, .bin, .cer, .chm, .clb, .cmd, .cnt, .cnv, .com, .cpl, .cpx, .crt, .csh, .dll, .drv, .dtd, .exe, .fxp, .grp, .h1s, .hlp, .hta, .ime, .inf, .ins, .isp, .its, .js, .jse, .ksh, .lnk, .mad, .maf, .mag, .mam, .man, .maq, .mar, .mas, .mat, .mau, .mav, .maw, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msi, .msp, .mst, .mui, .nls, .ocx, .ops, .pal, .pcd, .pif, .prf, .prg, .pst, .reg, .scf, .scr, .sct, .shb, .shs, .sys, .tlb, .tsp, .url, .vb, .vbe, .vbs, .vsmacros, .vss, .vst, .vsw, .ws, .wsc, .wsf, .wsh, .xsd, и .xsl.

WRP также защищает некоторые важные каталоги. Папка, содержащая только WRP-защищённые файлы, может быть заблокирована таким образом, что создание в ней файлов или подкаталогов разрешено лишь доверенному процессу. Возможна частичная блокировка, которую могут обойти администраторы. Важнейшие ключи реестра также защищаются; все его под-ключи и значения нельзя изменить. К тому же, WRP копирует в каталог %WinDir%\WinSxS\Backup только те файлы, что необходимы для перезагрузки системы, а не все, как это делает Windows File Protection, архивирующая в папку Dllcache содержимое системных каталогов целиком.

Таким образом, Windows Resource Protection применяет более эффективные и гибкие инструменты защиты данных: скажем, для изменения единичного защищённого объекта требуется лишь прописать это в ACL, в то время как Windows File Protection потребовалось бы отключить полностью. Как следствие, Windows File Protection не работает под Windows Vista, да и нет в этом необходимости.

System File Checker также интегрирован с WRP. Под Windows Vista, Sfc.exe может быть использован для проверки путей системных папок, включая Windows-папку и загрузочную.

См. также

Ссылки

Windows Resource Protection в Windows Vista (англ.)
Дополнительная информация о WRP и совместимости приложений (англ.)

Компоненты Microsoft Windows
Основные	Aero • ClearType • Desktop Window Manager • DirectX • Проводник (Explorer) • Панель задач («Пуск» • трей) • Shell (namespace • Special Folders • File associations) • Search (Saved search • iFilters) • Graphics Device Interface • WIM • Next Generation TCP/IP stack (Server Message Block) • .NET Framework • Audio • Printing (XML Paper Specification) • Active Scripting (WSH • VBScript • JScript) • COM (OLE • OLE Automation • DCOM • ActiveX • ActiveX Document • Structured storage • Transaction Server) • Previous Versions • WDDM • UAA • Win32 console Backup and Restore Center • COMMAND.COM • cmd.exe • Easy Transfer • Event Viewer • Installer • Netsh • PowerShell • Problem Reports and Solutions • Sysprep • Настройка системы (msconfig) • System File Checker • WinSAT • Windows Update • Восстановление системы • Дефрагментация диска • Диспетчер задач • Диспетчер устройств • Консоль управления • Очистка диска • Панель управления (функции) Актуальные: Contacts • DVD Maker • Fax and Scan • Internet Explorer • Journal • Magnifier • Media Center • Media Player • Meeting Space • Mobile Device Center • Mobility Center • Narrator • Paint • Private Character Editor • Remote Assistance • Speech Recognition • WordPad • Блокнот • Боковая панель • Звукозапись • Календарь • Калькулятор • Ножницы • Почта • Таблица символов Chess Titans • Hold ‘Em • InkBall • Mahjong Titans • Purble Place • Пасьянс «Косынка» • Пасьянс «Паук» • Сапёр • Пасьянс «Свободная ячейка» • Пинбол • Червы Autorun • BITS • CLFS Error Reporting • Multimedia Class Scheduler • Shadow Copy • Task Scheduler • Wireless Zero Configuration • Active Directory • Deployment Services • DFS Replication • DNS • Domains • Folder redirection • Hyper-V • IIS • Media Services • MSMQ • Network Access Protection • Print Services for UNIX • Remote Differential Compression • Remote Installation Services • Rights Management Services • Roaming user profiles • SharePoint Services • System Resource Manager • Terminal Services • WSUS • Групповая политика • Координатор распределённых транзакций Обзор • Object Manager • I/O request packets • Kernel Transaction Manager • Logical Disk Manager • Security Accounts Manager • Windows Resource Protection • LSASS • CSRSS • SMSS • Диспетчер печати • Запуск (Vista) Unix subsystem (Interix) • Virtual DOS Machine • Windows on Windows • WOW64 Wikimedia Foundation . 2010 . Смотреть что такое «Windows Resource Protection» в других словарях: Windows Resource Protection — is a feature in Windows Vista that replaces Windows File Protection. It protects registry keys and folders in addition to critical system files. The way it protects resources differs entirely from the method used by Windows File Protection.… … Wikipedia Windows File Protection — (WFP) is a technology included in all Microsoft Windows operating systems beginning with Windows 2000 to prevent programs from replacing critical Windows system files. Protecting core system files prevents problems such as DLL hell with programs… … Wikipedia Windows File Protection — (Система защиты файлов Windows, сокр. англ. WFP) технология, позволяющая запретить программам изменять или удалять наиболее важные системные файлы Windows. Защита критически важных системных файлов позволяет избежать ряда серьёзных проблем… … Википедия Windows Defender — A component of Microsoft Windows Windows Defender in Windows 7 … Wikipedia Windows PowerShell — Screenshot of a sample PowerShell session … Wikipedia Windows Media Player — A component of Microsoft Windows Details … Wikipedia Windows Search — (formerly known as Windows Desktop Search or WDS on Windows XP and Windows Server 2003) is an indexed desktop search platform released by Microsoft for the Windows operating system.[citation needed] Windows Search for Windows Vista, Windows 7,… … Wikipedia Windows Update — A component of Microsoft Windows Windows Update running on Windows 7 … Wikipedia Windows Media Center — A component of Microsoft Windows … Wikipedia Windows Error Reporting — displaying Problem Details from an issue with Windows Explorer Windows Error Reporting (WER) (codenamed Watson) is a crash reporting technology introduced by Microsoft with Windows XP[1 … Wikipedia About Windows Resource Protection Windows Resource Protection (WRP) prevents the replacement of essential system files, folders, and registry keys that are installed as part of the operating system. It became available starting with Windows ServerВ 2008 and WindowsВ Vista. Permission for full access to modify WRP-protected resources is restricted to TrustedInstaller. WRP-protected resources can only be changed using the Supported Resource Replacement Mechanisms with the Windows Modules Installer service. Protecting these resources prevents application and operating system failures. Applications should not attempt to modify WRP-protected resources because these are used by Windows and other applications. If an application attempts to modify a WRP-protected resource, it can have the following results. Application installers that attempt to replace, modify, or delete critical Windows files or registry keys may fail to install the application and will receive an error message stating that access to the resource was denied. Applications that attempt to add or remove sub-keys or change the values of protected registry keys may fail and will receive an error message stating that access to the resource was denied. Applications that rely on writing any information into protected registry keys, folders, or files may fail. WRP is the new name for Windows File Protection (WFP). WRP protects registry keys and folders as well as essential system files. WFP was available in Microsoft Windows ServerВ 2003 and WindowsВ XP. WRP replaces WFP in Windows ServerВ 2008 and WindowsВ Vista. Using Windows Installer and Windows Resource Protection Windows Installer adheres to Windows Resource Protection (WRP) when installing essential system files, folders, and registry information in Windows ServerВ 2008 and later and WindowsВ Vista and later. WRP in Windows ServerВ 2008 and WindowsВ Vista replaces Windows File Protection (WFP) in Windows ServerВ 2003, WindowsВ XP, and WindowsВ 2000. Windows Installer developers should note the following changes in how the installer handles protected resources in Windows ServerВ 2008 and later and WindowsВ Vista and later: When running on Windows ServerВ 2008 and later or WindowsВ Vista and later, the Windows Installer skips the installation of any file that is protected by WRP, the installer enters a warning in the log file, and continues with the remainder of the installation without an error. In Windows ServerВ 2003, WindowsВ XP, and WindowsВ 2000, when the Windows Installer encountered a WFP-protected file, the installer would request that WFP install the file. WRP on Windows ServerВ 2008 and later or WindowsВ Vista and later can protect registry keys in addition to files. If the Windows Installer encounters a WRP-protected registry key, the installer skips the installation of that registry key, the installer enters a warning in the log file, and continues with the remainder of the installation without an error. Note that if a Windows Installer component contains a file or registry key that is protected by WRP, this resource must be used as the KeyPath for the component. In this case, Windows Installer does not install, update, or remove the component. You should not include any protected resources in an installation package. Instead, you should use the supported resource replacement mechanisms for Windows Resource Protection. For more information about WRP, see Windows Resource Protection and information that is provided on Microsoft Technet. WFP for Windows Server 2003 and Windows XP/2000 Windows Installer adheres to Windows File Protection (WFP) when installing essential system files on Windows ServerВ 2003, WindowsВ XP and WindowsВ 2000. If a protected system file is modified by an unattended installation of an application, WFP restores the file to the verified file version. Windows Installer never attempts to install or replace a protected file. When the InstallFiles action or any other action scheduled before InstallFiles attempts to install a file protected on Windows ServerВ 2003, WindowsВ XP or WindowsВ 2000, the installer calls WFP with a request to install or replace the protected file. The installer requests the file installation from WFP immediately after executing the InstallFiles action. WFP installs or replaces the file on the user’s system with a cached version of the protected file. Note that this does not guarantee that the version of the file installed from the cache is the version required by the application. After WFP has installed the file, the installer determines whether this version matches the version in the package. If the file version in the package is greater than the installed version, the installer informs the user that it cannot update the system and that an update of the operating system may be required for the application. If any action sequenced after InstallFiles attempts to install or replace a protected file not already installed on the system, the installer cannot call WFP to install the file. In this case, the installer informs the user that it cannot update the system and that an update of the operating system may be required for the application. The installer also checks with WFP when removing files and never attempts to remove protected system files. Component Key Files Protected by WFP Note that if a Windows Installer component contains a WFP file, this file must be specified as the key path for the component. When the installer attempts to install a component’s key file on Windows ServerВ 2003, WindowsВ XP or WindowsВ 2000, it first calls WFP to determine if the key file is protected. When the key file of a component is protected by WFP, and that key file is already installed, the installer updates the component only if the version of the key file in the package is greater than the installed version. If the installation package specifies that a component be installed, and the key file of the component is not currently installed, then regardless of whether the key file is protected the installer installs the component. Once any component having a key file protected by WFP is installed, it is permanently installed, and the installer never removes or replaces the component. Installation of Assemblies by WFP WFP for assemblies differs from WFP for system files. WFP protects Windows ServerВ 2003, WindowsВ XP and WindowsВ 2000 system files by detecting attempts to replace protected system files. This protection is triggered after WFP receives a directory change notification for a file in a protected directory. When WFP receives this notification, it determines which file has changed. If the file is protected, WFP looks up the file signature in a static catalog file to determine if the new file is the correct version. If the file version is not correct, the system replaces the file with the correct version from either the cache or distribution media. In contrast, WFP of assemblies is dynamic. WFP is extended to files as they are added to the shared side-by-side assembly cache. If an assembly becomes corrupted, WFP will request that the installer replace the file. Windows Installer may or may not be able to replace the file depending on whether the source package is accessible. If the source package is inaccessible, WFP will put up a dialog box stating that it is unable to restore the file. Note that unmanaged shared side-by-side assemblies, installed in %windir%\winsxs, are protected by WFP. Unmanaged private assemblies, installed in the application directory, are not protected by WFP. Managed global assemblies installed in the application directory or %windir%\assembly\gac are not protected by WFP. Читайте также: Tp link archer t1u драйвер windows 10 Оцените статью Search for: Свежие записи Лучшие практики внедрения DevOps при разработке программного обеспечения Обзор Audacity для Mac и альтернатива Windows или Linux: Что лучше выбрать? Как в Windows 11 включить и выключить Безопасный режим? App data папка как почистить windows 10 Вам также может понравиться Windows или Linux: Что лучше выбрать? Есть много причин выбирать между Windows и Linux, но Файл владелец изменить linux Команда Chown в Linux Chown Command in Linux (File Установка шлюза по умолчанию linux Настройка сети вручную Содержание Краткое описание Чем разбить диск для linux ИТ База знаний Курс по Asterisk Полезно — Узнать IP — Правообладателям Политика конфиденциальности Контакты © 2024 Советы по настройке компьютера

Компоненты Microsoft Windows

Основные

Aero • ClearType • Desktop Window Manager • DirectX • Проводник (Explorer) • Панель задач («Пуск» • трей) • Shell (namespace • Special Folders • File associations) • Search (Saved search • iFilters) • Graphics Device Interface • WIM • Next Generation TCP/IP stack (Server Message Block) • .NET Framework • Audio • Printing (XML Paper Specification) • Active Scripting (WSH • VBScript • JScript) • COM (OLE • OLE Automation • DCOM • ActiveX • ActiveX Document • Structured storage • Transaction Server) • Previous Versions • WDDM • UAA • Win32 console

Backup and Restore Center • COMMAND.COM • cmd.exe • Easy Transfer • Event Viewer • Installer • Netsh • PowerShell • Problem Reports and Solutions • Sysprep • Настройка системы (msconfig) • System File Checker • WinSAT • Windows Update • Восстановление системы • Дефрагментация диска • Диспетчер задач • Диспетчер устройств • Консоль управления • Очистка диска • Панель управления (функции)

Актуальные: Contacts • DVD Maker • Fax and Scan • Internet Explorer • Journal • Magnifier • Media Center • Media Player • Meeting Space • Mobile Device Center • Mobility Center • Narrator • Paint • Private Character Editor • Remote Assistance • Speech Recognition • WordPad • Блокнот • Боковая панель • Звукозапись • Календарь • Калькулятор • Ножницы • Почта • Таблица символов

Chess Titans • Hold ‘Em • InkBall • Mahjong Titans • Purble Place • Пасьянс «Косынка» • Пасьянс «Паук» • Сапёр • Пасьянс «Свободная ячейка» • Пинбол • Червы

Autorun • BITS • CLFS Error Reporting • Multimedia Class Scheduler • Shadow Copy • Task Scheduler • Wireless Zero Configuration •

Active Directory • Deployment Services • DFS Replication • DNS • Domains • Folder redirection • Hyper-V • IIS • Media Services • MSMQ • Network Access Protection • Print Services for UNIX • Remote Differential Compression • Remote Installation Services • Rights Management Services • Roaming user profiles • SharePoint Services • System Resource Manager • Terminal Services • WSUS • Групповая политика • Координатор распределённых транзакций

Обзор • Object Manager • I/O request packets • Kernel Transaction Manager • Logical Disk Manager • Security Accounts Manager • Windows Resource Protection • LSASS • CSRSS • SMSS • Диспетчер печати • Запуск (Vista)

Unix subsystem (Interix) • Virtual DOS Machine • Windows on Windows • WOW64

Wikimedia Foundation . 2010 .

Смотреть что такое «Windows Resource Protection» в других словарях:

Windows Resource Protection — is a feature in Windows Vista that replaces Windows File Protection. It protects registry keys and folders in addition to critical system files. The way it protects resources differs entirely from the method used by Windows File Protection.… … Wikipedia

Windows File Protection — (WFP) is a technology included in all Microsoft Windows operating systems beginning with Windows 2000 to prevent programs from replacing critical Windows system files. Protecting core system files prevents problems such as DLL hell with programs… … Wikipedia

Windows File Protection — (Система защиты файлов Windows, сокр. англ. WFP) технология, позволяющая запретить программам изменять или удалять наиболее важные системные файлы Windows. Защита критически важных системных файлов позволяет избежать ряда серьёзных проблем… … Википедия

Windows Defender — A component of Microsoft Windows Windows Defender in Windows 7 … Wikipedia

Windows PowerShell — Screenshot of a sample PowerShell session … Wikipedia

Windows Media Player — A component of Microsoft Windows Details … Wikipedia

Windows Search — (formerly known as Windows Desktop Search or WDS on Windows XP and Windows Server 2003) is an indexed desktop search platform released by Microsoft for the Windows operating system.[citation needed] Windows Search for Windows Vista, Windows 7,… … Wikipedia

Windows Update — A component of Microsoft Windows Windows Update running on Windows 7 … Wikipedia

Windows Media Center — A component of Microsoft Windows … Wikipedia

Windows Error Reporting — displaying Problem Details from an issue with Windows Explorer Windows Error Reporting (WER) (codenamed Watson) is a crash reporting technology introduced by Microsoft with Windows XP[1 … Wikipedia

About Windows Resource Protection

Windows Resource Protection (WRP) prevents the replacement of essential system files, folders, and registry keys that are installed as part of the operating system. It became available starting with Windows ServerВ 2008 and WindowsВ Vista. Permission for full access to modify WRP-protected resources is restricted to TrustedInstaller. WRP-protected resources can only be changed using the Supported Resource Replacement Mechanisms with the Windows Modules Installer service. Protecting these resources prevents application and operating system failures.

Applications should not attempt to modify WRP-protected resources because these are used by Windows and other applications. If an application attempts to modify a WRP-protected resource, it can have the following results.

Application installers that attempt to replace, modify, or delete critical Windows files or registry keys may fail to install the application and will receive an error message stating that access to the resource was denied.
Applications that attempt to add or remove sub-keys or change the values of protected registry keys may fail and will receive an error message stating that access to the resource was denied.
Applications that rely on writing any information into protected registry keys, folders, or files may fail.

WRP is the new name for Windows File Protection (WFP). WRP protects registry keys and folders as well as essential system files. WFP was available in Microsoft Windows ServerВ 2003 and WindowsВ XP. WRP replaces WFP in Windows ServerВ 2008 and WindowsВ Vista.

Using Windows Installer and Windows Resource Protection

Windows Installer adheres to Windows Resource Protection (WRP) when installing essential system files, folders, and registry information in Windows ServerВ 2008 and later and WindowsВ Vista and later.

WRP in Windows ServerВ 2008 and WindowsВ Vista replaces Windows File Protection (WFP) in Windows ServerВ 2003, WindowsВ XP, and WindowsВ 2000. Windows Installer developers should note the following changes in how the installer handles protected resources in Windows ServerВ 2008 and later and WindowsВ Vista and later:

When running on Windows ServerВ 2008 and later or WindowsВ Vista and later, the Windows Installer skips the installation of any file that is protected by WRP, the installer enters a warning in the log file, and continues with the remainder of the installation without an error. In Windows ServerВ 2003, WindowsВ XP, and WindowsВ 2000, when the Windows Installer encountered a WFP-protected file, the installer would request that WFP install the file.
WRP on Windows ServerВ 2008 and later or WindowsВ Vista and later can protect registry keys in addition to files. If the Windows Installer encounters a WRP-protected registry key, the installer skips the installation of that registry key, the installer enters a warning in the log file, and continues with the remainder of the installation without an error.
Note that if a Windows Installer component contains a file or registry key that is protected by WRP, this resource must be used as the KeyPath for the component. In this case, Windows Installer does not install, update, or remove the component. You should not include any protected resources in an installation package. Instead, you should use the supported resource replacement mechanisms for Windows Resource Protection.

For more information about WRP, see Windows Resource Protection and information that is provided on Microsoft Technet.

WFP for Windows Server 2003 and Windows XP/2000

Windows Installer adheres to Windows File Protection (WFP) when installing essential system files on Windows ServerВ 2003, WindowsВ XP and WindowsВ 2000. If a protected system file is modified by an unattended installation of an application, WFP restores the file to the verified file version.

Windows Installer never attempts to install or replace a protected file. When the InstallFiles action or any other action scheduled before InstallFiles attempts to install a file protected on Windows ServerВ 2003, WindowsВ XP or WindowsВ 2000, the installer calls WFP with a request to install or replace the protected file. The installer requests the file installation from WFP immediately after executing the InstallFiles action. WFP installs or replaces the file on the user’s system with a cached version of the protected file. Note that this does not guarantee that the version of the file installed from the cache is the version required by the application. After WFP has installed the file, the installer determines whether this version matches the version in the package. If the file version in the package is greater than the installed version, the installer informs the user that it cannot update the system and that an update of the operating system may be required for the application.

If any action sequenced after InstallFiles attempts to install or replace a protected file not already installed on the system, the installer cannot call WFP to install the file. In this case, the installer informs the user that it cannot update the system and that an update of the operating system may be required for the application.

The installer also checks with WFP when removing files and never attempts to remove protected system files.

Component Key Files Protected by WFP

Note that if a Windows Installer component contains a WFP file, this file must be specified as the key path for the component.

When the installer attempts to install a component’s key file on Windows ServerВ 2003, WindowsВ XP or WindowsВ 2000, it first calls WFP to determine if the key file is protected. When the key file of a component is protected by WFP, and that key file is already installed, the installer updates the component only if the version of the key file in the package is greater than the installed version. If the installation package specifies that a component be installed, and the key file of the component is not currently installed, then regardless of whether the key file is protected the installer installs the component. Once any component having a key file protected by WFP is installed, it is permanently installed, and the installer never removes or replaces the component.

Installation of Assemblies by WFP

WFP for assemblies differs from WFP for system files.

WFP protects Windows ServerВ 2003, WindowsВ XP and WindowsВ 2000 system files by detecting attempts to replace protected system files. This protection is triggered after WFP receives a directory change notification for a file in a protected directory. When WFP receives this notification, it determines which file has changed. If the file is protected, WFP looks up the file signature in a static catalog file to determine if the new file is the correct version. If the file version is not correct, the system replaces the file with the correct version from either the cache or distribution media.

In contrast, WFP of assemblies is dynamic. WFP is extended to files as they are added to the shared side-by-side assembly cache. If an assembly becomes corrupted, WFP will request that the installer replace the file. Windows Installer may or may not be able to replace the file depending on whether the source package is accessible. If the source package is inaccessible, WFP will put up a dialog box stating that it is unable to restore the file.

Note that unmanaged shared side-by-side assemblies, installed in %windir%\winsxs, are protected by WFP. Unmanaged private assemblies, installed in the application directory, are not protected by WFP. Managed global assemblies installed in the application directory or %windir%\assembly\gac are not protected by WFP.

Windows resource protection wrp

Windows Resource Protection