[softwarelist] Re: Windows 7 junction points
- From: Paul Witheridge <paul_witheridge@xxxxxxxxxxx>
- To: davidpilling@xxxxxxxxxxxxx
- Date: Wed, 04 Jan 2012 16:57:20 +0000
I thought I would add some comments here. After installing Windows 7,
I have been updating some software that reads directories under
Windows and this involved some investigation into junctions points and
considerably reduced my confusion about the subject (but not
completely). But perhaps I can be of some help with others'
confusion...
First, as far as I can see, a junction point (in windows) is just a
directory entry that acts as an 'alias' for an existing file or
directory. You can create one quite easily using the MKLINK command
from a command window (but this must be "Run as administrator").
mklink /J linkname original-target
MKLINK allows you to create symbolic links to files or directories,
directory junctions and hard links to files (see
http://technet.microsoft.com/en-us/library/cc753194%28WS.10%29.aspx).
Although the Microsoft documentation indicates MKLINK requires a '/D'
command line switch to create a symbolic link to a directory and a
'/J' switch to create a directory junction, I could not find any
observable difference between a symbolic link and a junction. They
both seem to set exactly the same attribute flags in the resulting
directory entry:
FILE_ATTRIBUTE_REPARSE_POINT
FILE_ATTRIBUTE_HIDDEN
FILE_ATTRIBUTE_SYSTEM
and behave exactly the same (if anyone knows if there is any actual
difference between symbolic links to directories and directory
junctions, I would really like to know).
Second, The access rights for the symbolic-link/junction-point can be
different to that for the 'original' directory entry for the target.
MKLINK creates the new symbolic link with the same access rights as
the original, but you can then modify those for the link (e.g. via the
security tab of the symbolic link object's properties) without
affecting those of the original.
This is where the infamous 'Access Denied' comes in. The junction
points set up automatically when Windows 7 (or Vista) is installed,
all have 'Deny' set in their access control list for the group
'Everyone', and since denying access always overrides granting access,
this means nobody has access to these junction points. This is not a
feature of directory junctions in general, just these special ones set
up by the Microsoft Windows installer. I suppose it's Microsoft's way
of stopping users messing with these particular junction points.
However, the fact that you cannot access these junction points
themselves, does not stop you using them as part of the path to a file
or subdirectory within the target directory (assuming that you have
access rights to that object).
And, of course, if you set up your own symbolic link to a directory,
there is no 'Access Denied' unless you deliberately set up the access
rights that way!
Third, the big difference between a symbolic link and a Windows
shortcut is that the latter is a file (with a filename extension of
'.lnk'). So a symbolic link is a directory entry that points directly
to the target, whereas a shortcut has a directory entry that points to
a file which then points to the target. Shortcuts can do things that
symbolic links cannot: they can include command line arguments and can
set the working directory. So, in many ways they are more powerful
(and much easier to set up).
Finally, the MKLINK command can also create a 'hard' link for files
(on NTFS formatted partitions only). This is also a directory entry
that acts as an 'alias' to a file, but in this case, there is no
difference between the new 'hard' link directory entry and the
original directory entry for the file (effectively they're both 'hard'
links to the file). NTFS must maintain a 'user count' of the number of
these 'hard' directory entries for a file and will not delete the
actual file from the disk until the last of directory entries is
deleted.
Hope that helps.
--
Paul Witheridge - Marlow, UK
To unsubscribe or subscribe goto: //www.freelists.org/list/davidpilling
Other related posts:
