csc and efs : how it is implemented ?

[kona]

Hello,
I'm searching technical informations about the couple CSC-EFS.
How are offline files encrypted ? Which, how private is assigned to the
file ?
Is it possible de recover un offline file ?
Any informations are welcome ?

Thanh's in advance.

 

[kona]

Thank you for your informations.
You wrote : CSC is a single file.
But when I take a look on the %systemroot%\csc is a lot of directory,
d1, d2, ... dn. Each of them have some files.
You wrote also : the file ..., and presents to the user only the files
that were cached for that user.
I did the following test :
I created a file with owner test1 and a second file with owner test2.
Both files can be accessible, open by the two accounts (online)
Now when I'm offline, and connected as test1 or test2, I can see the
both files into the offline folder. But I can only open the one I'm the
owner.
So, what make the access denied to the file I'm not the owner ?
With normal efs, it would be due to the personal private key added to
the header of the file. But in the case of offline folder (csc) ?
Is the access denied due to a special ACL only affected during the
offline mode ?

Regards

 

[Guest]

This may help to answer one of your questions:
http://www.microsoft.com/windowsxp/using/security/expert/encryptoffline.mspx
"A common database on the local machine is used to store all user files and
to limit access to those files through explicit access control lists (ACLs)."

Thanks.
Pat