20070162510, Jul 12, 2007
Charles Lenzmeier - Silverthorne CO, US
Edward Praitis - Woodinville WA, US
John Stephens - Redmond WA, US
Michael Gallop - Sammamish WA, US
RoseMarie FitzSimons - Seattle WA, US
Microsoft Corporation - Redmond WA
Certain applications, especially legacy applications, try to write to areas of the system that require administrator privileges and hence fail to run successfully for users with lessened privileges. The disclosed system redirects certain file writes, i.e., globally impactful file writes to specific locations that require administrator privileges and would otherwise fail for others users, so as to allow the same file writes to succeed by redirecting them to happen in the context of the user, i.e., in a per-user virtualization location. In particular, virtualization only occurs when the application is actually going to write to the file, not just when file access is requested without an intention of writing to or otherwise actually altering the file. Following virtualization, applications are redirected to use the virtualized files. The system thus allows users to run applications that otherwise would not be enabled, and to maintain a higher level of security when doing so.