Crpytomator/Dokan - Windows Explorer Context Menu - Function New


When you Right-Click on a Cryptomator Drive mounted under Windows via dokan, the Explorers “New” submenu only shows “Folder” to create new folders, but offers no simple file to create, like when right-Clicking on a normal drive folder. c:\temp f.e.

From my own dokan implementations, i know this depends on a missing or failing implemetation of dokan-interface GetFileSecurity. Here is a simple sample of a working implementation (from the dokan mirror sample) using the .NET standard classes System.IO.Directory and System.IO.File to return just the Security Informations of the underlaying implementations directory oder file. You also can use any other well-know directory or file inside the crypted folder instead. This will work much better than your existing implemetation, whatever it does.

    public NtStatus GetFileSecurity(string fileName, out FileSystemSecurity security, AccessControlSections sections,
        DokanFileInfo info)
            security = info.IsDirectory
                ? (FileSystemSecurity)Directory.GetAccessControl(GetPath(fileName))
                : File.GetAccessControl(GetPath(fileName));
            return Trace(nameof(GetFileSecurity), fileName, info, DokanResult.Success, sections.ToString());
        catch (UnauthorizedAccessException)
            security = null;
            return Trace(nameof(GetFileSecurity), fileName, info, DokanResult.AccessDenied, sections.ToString());


Do you mean this context menu?

I got a lot of options creating something new. What is your Cryptomator and Dokany version?

We don’t implement GetFileSecurity() and SetFileSecurity() at all and use the dokan fallbacks.


Yes that one.

Contextmenü doesn’t work in any folder for me.
Cryptomator 1.4.9
Dokan Library (x64)

I had to implement these function on my implementation as i told.


I don’t know, why you don’t have the permissions to create anything. My first guess is that your system has a stricter security policy (something like that the “everyone”-user is not allowed to do anything).

Questions which come up for me are: Has the current account admin rights? What are the permissions of the current account for the location where your vault is located? Do you have stricter security policy by your knowledge?

To the implementation of GetFileSecurity(): We tried some implementation purely in Java and dropped it because getting the security descriptor right is quite complicated. Your approach access some native windows api which we try to avoid since it costs a lot of runtime (due to JNA). I don’t know how often this function is called, maybe it is worth to implement it, but currently it works for a lot of users out of the box.