MBC Computer Solutions Ltd.

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, 19 July 2007

Unable to create bookmarks in IE7 - "Unspecified Error"

Posted on 14:00 by Unknown

I just had a somewhat interesting security problem in Vista that I thought I’d share.

The problem was in Internet Explorer when creating a bookmark, I’d receive a message “Unable to create [URL]. Unspecified error”. The problem only occurred in protected mode websites which led me to believe it might have been a permissions issue. Indeed, trying to propagate my local account with full access generated an Access is Denied error, so I replaced ownership on the folder successfully, however the problem was still occurring. A bit of research later and here is what I discovered in a nutshell


- Windows Vista introduces a new concept called “Integrity Level”. Basically, along with every ACL, there is also a “class” – this defines what types of applications can modify a particular file.

- By default, all files allow “Medium” or higher applications to modified them, however Internet Explorer running Protected Mode runs at a “Low” integrity level (basically, IE can only directly write to files with a Low integrity level associated with them, otherwise, the write has to go through the protected mode broker process which runs as a medium level application)

- The icacls command line utility (introduced in W2K2 SP2 and Vista) includes a new switch that allows you to set the integrity level

To resolve the issue, navigate to c:\users\USERNAME and run the following command against the favorites folder:

icacls Favorites /setintegritylevel (OI)(CI)low

The (OI) and (CI) stand for “object inherit” and “container inherit” respectively (propagate permissions basically), and the low is pretty obviously assigning a low integrity level requirement to the file.

[Updated: June 19, 2008 - Step-by-step instructions due to popular demaind]

Step-by-step Instructions

 

  1. Choose Start -> Run
  2. Type "cmd" (without the quotes) and press OK
  3. Navigate to your user folder.  By default, this is c:\users\Username.  In my case:

    cd /d c:\users\steven
  4. Run icacls:

    icacls Favorites /setintegritylevel (OI)(CI)low

 

The sequence should look like this:

icacls

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • How to change the temperature scale on a Honeywell T6575 Thermostat
    [The complete documentation can be found at http://customer.honeywell.ca/techlit/pdf/95c-00000s/95c-10897.pdf ]   This was bugging me fo...
  • C# – Converting IP’s to Numbers and Numbers to IP’s in 2 lines of code
    I don’t know why everywhere I searched had such complex implementation of this, but converting from a dotted IP to a number (integer) and ba...
  • Why does iTunes setup need to close Outlook?!
    Everytime I update iTunes I remember why I left it so long - the install process is quite annoying! Can someone please explain to me why it...
  • Mac OSX 10.5.2 Freezing Intermittently
    I've been having an issue with my MacBook (you know, that computer I hide under my desk most of the time) where intermittently, the UI w...
  • ScottGu’s Color Scheme for Visual Studio 2010
    ScottGu was nice enough to provide the world with his awesome Visual Studio 2008 color scheme.  I’ve been using this for many years now an...
  • Windows Search 4.0 Released .....and searching finally works!
    I've been dealing with Outlook 2007's search problems since installing it way back then.  Most frequently, I'd search a keyword;...
  • Don’t forget about the defer attribute for non-essential external scripts
    I was recently reviewing a customers eCommerce site and I noticed that the “Please Wait” page that occurs after completing an order but befo...
  • Recursively finding controls - where to start?
    I love hearing about bugs and problems in components I have authored.  Most people hate hearing about bugs (I assume because they like to th...
  • Popup Window Manager
    I was just reading a post by Rick Strahl about managing popup windows in the browser.  I actually authored a mini popup window manager a wh...
  • New Blackberry firmware coming down the pipe?
    My partner alerted me today to the fact that RIM has finally released 4.2 code for the 8700. I complained a while back that the 8800 code ...

Blog Archive

  • ►  2012 (1)
    • ►  February (1)
  • ►  2010 (1)
    • ►  April (1)
  • ►  2009 (7)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  July (1)
    • ►  April (2)
    • ►  February (1)
  • ►  2008 (36)
    • ►  November (3)
    • ►  October (2)
    • ►  September (1)
    • ►  August (1)
    • ►  July (2)
    • ►  June (6)
    • ►  May (4)
    • ►  April (1)
    • ►  March (4)
    • ►  February (7)
    • ►  January (5)
  • ▼  2007 (35)
    • ►  December (1)
    • ►  November (9)
    • ►  October (3)
    • ►  September (6)
    • ►  August (7)
    • ▼  July (9)
      • Standards-based layout saved my day!
      • Unable to stop or use COM+ component
      • Visual Studio 2008 Beta 2 is released
      • MBC is a Microsoft Certified Partner!
      • A simple way to handle data collection in email su...
      • New version of Nikhil Kothari's Web Development He...
      • JavaScript Support in Visual Studio 2008 looks lik...
      • Using Web Standards to Simplify Web Control Develo...
      • Unable to create bookmarks in IE7 - "Unspecified E...
  • ►  2006 (3)
    • ►  May (3)
Powered by Blogger.

About Me

Unknown
View my complete profile