Monday, February 26, 2007

NTFS File encryption does not like virtual drives

I like the NTFS file encryption feature - you simply define a folder as being encrypted, and any susequent file you add to it is automatically encrypted. This means that, depending on permissions, other users may see that the file exists, but they won't be able to get the content. Even the system Administrator won't be able to read the file's content!
(There are various other goodies related to encrypted files, such that you can't copy them and such, but that's besides the point).

But I also like virtual drives. For example - my 3 PC's have a virtual drive called Z: that maps to a shared folder in one of the machines (called C:\Shared - to be precise).

So I had a couple of files in an encrypted folder (accidentally on the machine that hosts the folder mapped to by Z), and wanted to transfer them to another machine. I sent them to Z, and then I wanted to decypt them so I would be able to retrieve them from my second machine.
Just to make sure the scenario is clear: I'm connected with the correct user (the one who encrypted the files), and simply want to decrypt the files. The only thing is that I want to do it from a virtual drive (Z:).

 

BABOOM!!!

"An error occurred applying attributes to the file:
....
The system cannot find the path specified."

Of course, once I tried to decrypt from C:\Shared instead of Z:\ - everything went fine.

Not nice, really not nice.

No comments: