MBC Computer Solutions Ltd.

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, 19 July 2007

Unable to create bookmarks in IE7 - "Unspecified Error"

Posted on 14:00 by Unknown

I just had a somewhat interesting security problem in Vista that I thought I’d share.

The problem was in Internet Explorer when creating a bookmark, I’d receive a message “Unable to create [URL]. Unspecified error”. The problem only occurred in protected mode websites which led me to believe it might have been a permissions issue. Indeed, trying to propagate my local account with full access generated an Access is Denied error, so I replaced ownership on the folder successfully, however the problem was still occurring. A bit of research later and here is what I discovered in a nutshell


- Windows Vista introduces a new concept called “Integrity Level”. Basically, along with every ACL, there is also a “class” – this defines what types of applications can modify a particular file.

- By default, all files allow “Medium” or higher applications to modified them, however Internet Explorer running Protected Mode runs at a “Low” integrity level (basically, IE can only directly write to files with a Low integrity level associated with them, otherwise, the write has to go through the protected mode broker process which runs as a medium level application)

- The icacls command line utility (introduced in W2K2 SP2 and Vista) includes a new switch that allows you to set the integrity level

To resolve the issue, navigate to c:\users\USERNAME and run the following command against the favorites folder:

icacls Favorites /setintegritylevel (OI)(CI)low

The (OI) and (CI) stand for “object inherit” and “container inherit” respectively (propagate permissions basically), and the low is pretty obviously assigning a low integrity level requirement to the file.

[Updated: June 19, 2008 - Step-by-step instructions due to popular demaind]

Step-by-step Instructions

 

  1. Choose Start -> Run
  2. Type "cmd" (without the quotes) and press OK
  3. Navigate to your user folder.  By default, this is c:\users\Username.  In my case:

    cd /d c:\users\steven
  4. Run icacls:

    icacls Favorites /setintegritylevel (OI)(CI)low

 

The sequence should look like this:

icacls

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • How to change the temperature scale on a Honeywell T6575 Thermostat
    [The complete documentation can be found at http://customer.honeywell.ca/techlit/pdf/95c-00000s/95c-10897.pdf ]   This was bugging me fo...
  • Why does iTunes setup need to close Outlook?!
    Everytime I update iTunes I remember why I left it so long - the install process is quite annoying! Can someone please explain to me why it...
  • Mac OSX 10.5.2 Freezing Intermittently
    I've been having an issue with my MacBook (you know, that computer I hide under my desk most of the time) where intermittently, the UI w...
  • Windows Search 4.0 Released .....and searching finally works!
    I've been dealing with Outlook 2007's search problems since installing it way back then.  Most frequently, I'd search a keyword;...
  • Recursively finding controls - where to start?
    I love hearing about bugs and problems in components I have authored.  Most people hate hearing about bugs (I assume because they like to th...
  • Dell 2009W's Finally Arrive
    I had previously   written about the new Dell 2208WFP 22" Wide Screen LCD's that I had purchased and immediately sent back due to ...
  • Don’t forget about the defer attribute for non-essential external scripts
    I was recently reviewing a customers eCommerce site and I noticed that the “Please Wait” page that occurs after completing an order but befo...
  • Dell PowerEdge & Broadcom Issues
    For some time now we've been experiencing a problem across the board with Dell PowerEdge 2900/2950 servers equipped with Broadcom Gigabi...
  • Popup Window Manager
    I was just reading a post by Rick Strahl about managing popup windows in the browser.  I actually authored a mini popup window manager a wh...
  • New Blackberry firmware coming down the pipe?
    My partner alerted me today to the fact that RIM has finally released 4.2 code for the 8700. I complained a while back that the 8800 code ...

Blog Archive

  • ►  2012 (1)
    • ►  February (1)
  • ►  2010 (1)
    • ►  April (1)
  • ►  2009 (7)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  July (1)
    • ►  April (2)
    • ►  February (1)
  • ►  2008 (36)
    • ►  November (3)
    • ►  October (2)
    • ►  September (1)
    • ►  August (1)
    • ►  July (2)
    • ►  June (6)
    • ►  May (4)
    • ►  April (1)
    • ►  March (4)
    • ►  February (7)
    • ►  January (5)
  • ▼  2007 (35)
    • ►  December (1)
    • ►  November (9)
    • ►  October (3)
    • ►  September (6)
    • ►  August (7)
    • ▼  July (9)
      • Standards-based layout saved my day!
      • Unable to stop or use COM+ component
      • Visual Studio 2008 Beta 2 is released
      • MBC is a Microsoft Certified Partner!
      • A simple way to handle data collection in email su...
      • New version of Nikhil Kothari's Web Development He...
      • JavaScript Support in Visual Studio 2008 looks lik...
      • Using Web Standards to Simplify Web Control Develo...
      • Unable to create bookmarks in IE7 - "Unspecified E...
  • ►  2006 (3)
    • ►  May (3)
Powered by Blogger.

About Me

Unknown
View my complete profile