Windows 7 has Black Holes - Data is lost with no retrieval.
Posted: 26 Aug 2010 05:37
A Blackhole is where you create a file or folder in W7 and it disappears out of sight
with no way to access it or retrieve any information.
It has fallen through the Blackhole and travelled through a Wormhole to another place.
A BlackHole exists at "%USERPROFILE%\Application Data\"
Any File or Folder which is sent there will appear at
C:\Users\%USERNAME%\Appdata\Roaming
but DIR "%USERPROFILE%\Application Data\" actually looks at
"C:\Users\%USERNAME%\Application Data\" and cannot see anything
DIR cannot find it
DEL cannot delete it
IF EXIST shows it does NOT exist
CACLS bombs out with "access denied"
CD has only partial success - it fails if you include a wildcard in the path
RD seems to work even though DEL does not.
After testing all the relevant DOS commands I can think of,
I believe a BlackHole is Write Enabled and effectively Read Disabled
which explains why CD {specific path\folder} can work without reading,
but CD {specific path\wildcard-folder} fails because it is not allowed to look for a wild-card match.
To illustrate the problem I WISH TO attach Wormhole.gif which shows creation of 3 files on 3 paths, unfortunately attachments are not allowed.
Just seen the Img button and done frantic search, found image host :-
[img][img]http://a.imagehost.org/0235/Wormhole.gif[/img][/img]
All three are written to the destination C:\Users\Alan\Appdata\Roaming,
but only "%APPDATA%"\ALAN_20 avoids Junctions and has full read/write/modify access,
whilst ALAN_21 and ALAN_22 are doomed to write only, and cannot be typed or deleted.
You can try for yourself if you paste into a CMD.EXE DOS Window all of the following, including the blank line :-
I actually pasted ran the above code 4 times in the same DOS window,
hence ALAN_21 and ALAN_22 include 3 previous timestamps and demonstrate delete prohibition.
When that finishes the DOS window remains available for you to poke around and investigate further.
Copy the following into a file WT_OOPS.BAT
P.S. Change the second line of code from "SET MODE=FILE" to "SET MODE=SUB" to observe similar effects using SUBfolders instead of Files.
Now you can perform the extensive tests I performed on 15 paths leading to 5 destinations in XP,
which merged into 4 destinations in W7.
Some Junctions appear to allow full access where others greatly restrict access.
Windows 7 has perhaps 44 different Blackholes.
This is the number of JUNCTIONS detected by Junction Link Magic under XP on my dual boot PC.
I do not know if that excludes symlinks and other forms of reparse points in W7.
I am not sure now if the Junctions that allowed read access were actually symlinks or something else,
I just know and am warning that there are black holes in W7 that gobble up data but do not allow it to escape.
There is an urban myth that M.$. use JUNCTIONS etc so VISTA and W7 can use software created for XP.
My evidence shows a great loss of functionality when JUNCTIONS are used for this purpose.
I believe M.$. "borrowed" the idea of Junctions from UNIX,
but failed to understand it and implemented a disastrous side effect,
i.e. deleting a Junction could also destroy everything it was aimed at.
After people complained about lost data M.$ chose not to fix the error,
but recommended a bodgy workaround, i.e.
"Use NTFS ACLs to protect junction points from inadvertent deletion" as per
http://support.microsoft.com/kb/205524/en-us
I guess it is an effect of the ACLS that I cannot read read through a Junction.
When I use CACLS to investigate the ACLS of various Junctions I am bewildered by the confusion.
For some Junctions CACLS reports "access denied";
For some there is amongst other things "Everyone:(DENY)(special access:)"
and others have "Everyone:(DENY)(special access:)" together with "Everyone:R"
I saw many other variations in permissions for various Junctions.
I wonder if all of these inconsistently protected Junctions have equal protection against deletion ! !
With such inconsistency it looks like Vista/W7 has a broken leg,
and tech support tried to mend it with a sticky plaster.
Some Junctions provide W7/XP backward compatibility,
and allow a CMD.EXE script to use XP style paths and fully access the relevant locations in W7
Many Junctions give almost zero access to the relevant locations in W7.
If Junctions break the functionality of XP batch command files,
I think it must be even worse for GUI type applications that were written for XP.
NB For my present needs I am rewriting some scripts to make maximum use of environmental variables.
Using %userprofile% is a step in the right direction,
but NOT if a JUNCTION then diverts "Application Data" in which case %appdata% is needed,
but not if .........
I never saw any warnings in any forums, and a Google search fails to find it on the Internet.
Am I the only one to see that "The Emperor has no Clothes" ! ! !
Alan
with no way to access it or retrieve any information.
It has fallen through the Blackhole and travelled through a Wormhole to another place.
A BlackHole exists at "%USERPROFILE%\Application Data\"
Any File or Folder which is sent there will appear at
C:\Users\%USERNAME%\Appdata\Roaming
but DIR "%USERPROFILE%\Application Data\" actually looks at
"C:\Users\%USERNAME%\Application Data\" and cannot see anything
DIR cannot find it
DEL cannot delete it
IF EXIST shows it does NOT exist
CACLS bombs out with "access denied"
CD has only partial success - it fails if you include a wildcard in the path
RD seems to work even though DEL does not.
After testing all the relevant DOS commands I can think of,
I believe a BlackHole is Write Enabled and effectively Read Disabled
which explains why CD {specific path\folder} can work without reading,
but CD {specific path\wildcard-folder} fails because it is not allowed to look for a wild-card match.
To illustrate the problem I WISH TO attach Wormhole.gif which shows creation of 3 files on 3 paths, unfortunately attachments are not allowed.
Just seen the Img button and done frantic search, found image host :-
[img][img]http://a.imagehost.org/0235/Wormhole.gif[/img][/img]
All three are written to the destination C:\Users\Alan\Appdata\Roaming,
but only "%APPDATA%"\ALAN_20 avoids Junctions and has full read/write/modify access,
whilst ALAN_21 and ALAN_22 are doomed to write only, and cannot be typed or deleted.
You can try for yourself if you paste into a CMD.EXE DOS Window all of the following, including the blank line :-
Code: Select all
echo %TIME%
echo %TIME% >> "%APPDATA%"\ALAN_20
echo %TIME% >> "%USERPROFILE%\Application Data"\ALAN_21
echo %TIME% >> "C:\Documents and Settings\%username%\Application Data"\ALAN_22
echo %TIME%
TYPE "%APPDATA%"\ALAN_20
TYPE "%USERPROFILE%\Application Data"\ALAN_21
TYPE "C:\Documents and Settings\%username%\Application Data"\ALAN_22
TYPE "%APPDATA%"\ALAN_21
TYPE "%APPDATA%"\ALAN_22
DIR "%APPDATA%"\ALAN_* | FIND ":"
DIR "%USERPROFILE%\Application Data"\ALAN_* | FIND ":"
DIR "C:\Documents and Settings\%username%\Application Data"\ALAN_* | FIND ":"
DEL "%APPDATA%"\ALAN_20
DEL "%USERPROFILE%\Application Data"\ALAN_21
DEL "C:\Documents and Settings\%username%\Application Data"\ALAN_22
I actually pasted ran the above code 4 times in the same DOS window,
hence ALAN_21 and ALAN_22 include 3 previous timestamps and demonstrate delete prohibition.
When that finishes the DOS window remains available for you to poke around and investigate further.
Copy the following into a file WT_OOPS.BAT
Code: Select all
@echo off & setlocal enabledelayedexpansion & CLS
SET MODE=FILE
IF "%LOCALAPPDATA%"=="" SET LOCALAPPDATA=%USERPROFILE%\Local Settings\Application Data
IF "%USERPROFILE%"=="C:\Documents and Settings\Dad" SET USERNAME=Dad
SET SAFE="c:\ALAN\AbsentFrozen_Path_sub."
IF NOT EXIST %SAFE%\ MD %SAFE%
IF "%MODE%"=="SUB" (CALL :P MD) ELSE (CALL :P ECHO)
CALL :P EXIST
CALL :P CACLS
IF "%MODE%"=="SUB" (CALL :P CD) ELSE (CALL :P TYPE)
CALL :P DIR
IF "%MODE%"=="SUB" (CALL :P RD) ELSE (CALL :P DEL)
IF EXIST C:\Users\ CALL :P DIR
GOTO :EOF
:P
ECHO(
SET /A N=10
CALL :X %1 "%%%%USERPROFILE%%%%\
CALL :X %1 "C:\Documents and Settings\%%%%USERNAME%%%%\
IF EXIST C:\Users\ CALL :X %1 "C:\Users\%%%%USERNAME%%%%\
SET /A N=20
CALL :X %1 "%%%%APPDATA%%%%\
CALL :X %1 "%%%%USERPROFILE%%%%\Application Data\
CALL :X %1 "C:\Documents and Settings\%%%%USERNAME%%%%\Application Data\
SET /A N=30
CALL :X %1 "%%%%LOCALAPPDATA%%%%\
CALL :X %1 "%%%%USERPROFILE%%%%\Local Settings\Application Data\
CALL :X %1 "C:\Documents and Settings\%%%%USERNAME%%%%\Local Settings\Application Data\
SET /A N=40
CALL :X %1 "%%%%ALLUSERSPROFILE%%%%\
CALL :X %1 "C:\Documents and Settings\All Users\
IF EXIST C:\Users\ CALL :X %1 "C:\Users\All Users\
SET /A N=50
CALL :X %1 "%%%%ALLUSERSPROFILE%%%%\Application Data\
CALL :X %1 "C:\Documents and Settings\All Users\Application Data\
IF EXIST C:\Users\ CALL :X %1 "C:\Users\All Users\Application Data\
GOTO :EOF
:X
CALL set P=%2
ECHO X %1 %2ALAN_" %N%
IF "%1"=="MD" %1 %P%ALAN_%N%"
IF "%1"=="DIR" %1 %P%ALAN_*" /A | FIND ":"
IF "%1"=="CD" CD /D %SAFE% & %1 %P%ALAN_*" & CD & CD /D %SAFE% & %1 %P%ALAN_%N%" & CD
IF "%1"=="RD" CD .. & ATTRIB -R -A -S -H %P%ALAN_%N%" & %1 /S /Q %P%ALAN_%N%"
IF "%1"=="EXIST" IF EXIST %P%ALAN_%N%" (ECHO VALID %P%ALAN_%N%") ELSE ECHO ABSENT %P%ALAN_%N%"
IF "%1"=="CACLS" %1 %P%ALAN_%N%" > NUL && (ECHO VALID %P%ALAN_%N%") || (ECHO WRONG %P%ALAN_%N%")
IF "%1"=="ECHO" %1 %TIME% >> %P%ALAN_%N%"
IF "%1"=="DEL" ATTRIB -R %P%ALAN_%N%" & %1 %P%ALAN_%N%"
IF "%1"=="TYPE" %1 %P%ALAN_%N%"
SET /A N+=1
P.S. Change the second line of code from "SET MODE=FILE" to "SET MODE=SUB" to observe similar effects using SUBfolders instead of Files.
Now you can perform the extensive tests I performed on 15 paths leading to 5 destinations in XP,
which merged into 4 destinations in W7.
Some Junctions appear to allow full access where others greatly restrict access.
Windows 7 has perhaps 44 different Blackholes.
This is the number of JUNCTIONS detected by Junction Link Magic under XP on my dual boot PC.
I do not know if that excludes symlinks and other forms of reparse points in W7.
I am not sure now if the Junctions that allowed read access were actually symlinks or something else,
I just know and am warning that there are black holes in W7 that gobble up data but do not allow it to escape.
There is an urban myth that M.$. use JUNCTIONS etc so VISTA and W7 can use software created for XP.
My evidence shows a great loss of functionality when JUNCTIONS are used for this purpose.
I believe M.$. "borrowed" the idea of Junctions from UNIX,
but failed to understand it and implemented a disastrous side effect,
i.e. deleting a Junction could also destroy everything it was aimed at.
After people complained about lost data M.$ chose not to fix the error,
but recommended a bodgy workaround, i.e.
"Use NTFS ACLs to protect junction points from inadvertent deletion" as per
http://support.microsoft.com/kb/205524/en-us
I guess it is an effect of the ACLS that I cannot read read through a Junction.
When I use CACLS to investigate the ACLS of various Junctions I am bewildered by the confusion.
For some Junctions CACLS reports "access denied";
For some there is amongst other things "Everyone:(DENY)(special access:)"
and others have "Everyone:(DENY)(special access:)" together with "Everyone:R"
I saw many other variations in permissions for various Junctions.
I wonder if all of these inconsistently protected Junctions have equal protection against deletion ! !
With such inconsistency it looks like Vista/W7 has a broken leg,
and tech support tried to mend it with a sticky plaster.
Some Junctions provide W7/XP backward compatibility,
and allow a CMD.EXE script to use XP style paths and fully access the relevant locations in W7
Many Junctions give almost zero access to the relevant locations in W7.
If Junctions break the functionality of XP batch command files,
I think it must be even worse for GUI type applications that were written for XP.
NB For my present needs I am rewriting some scripts to make maximum use of environmental variables.
Using %userprofile% is a step in the right direction,
but NOT if a JUNCTION then diverts "Application Data" in which case %appdata% is needed,
but not if .........
I never saw any warnings in any forums, and a Google search fails to find it on the Internet.
Am I the only one to see that "The Emperor has no Clothes" ! ! !
Alan