Introduction
Today while having Lunch with my colleagues we had a discussion over symbolic file names in windows. My argument was it was a persistent file and so it should be a physical file system. But my friends argument was it cannot be a physical file since it cannot be opened, closed like a normal file in the file system. So this encouraged me to go into a little depth to understand what a symbolic link in windows.
In windows there are two types of device names, Windows NT device names and MS-DOS device name. These names are located in the Windows NT Object Manager's namespace. The Windows NT kernel and the kernel mode drivers use the NT device name and the Win32 programs use the MS-DOS device names and is a symbolic link to NT device name.
NT Device names
When a kernel mode driver is loaded, its initialization outine registers a device name with Windows NT Object Manager. (Use WinObj.exe from sysinternals to view all NT Device names in your system). These names have the format \Device\CDRom0, etc and can be found in the \device drirectory of Object Manager's namespace.
Win32 programs access these device names using the MS-DOS device names such as A:, C:.
MS DOS Device names
These device name exists in Object Managers \?? directory. Multiple MS-DOS Device names can point to a single NT device name.
Symbolic Links
Symbolic links created by system persist across computer restarts because they are stored in registry. These are the links created between MS-DOS device name and an NT device name.
Wait and watch for Vista...you will find these symbolic links are physical files.
API
QueryDosDevice - used to know the NT device name associated with MS-DOS device name.
DefineDosDevice - used to manipulate a symbolic link. Create a new or remove.
Articles
Peppermint: A New Linux OS for the Cloud
14 years ago
Posts
0 comments
Post a Comment