[12.0.181 Pro] - Saving file in SE kills labels

[12.0.181 Pro] - Saving file in SE kills labels

On some file systems, it is possible to store labels assigned to files or folders. On NTFS that label information is stored in an alternate data stream with the actual file itself so that when you copy, move or rename the file, the label goes with it (provided the app doing the copying/moving supports that feature and it is not disabled). This label comes in handy when preparing dozens (hundreds) of scripts for deployment as one can use it to mark which ones still need to be touched. However, some editors do not honor this label, and saving files in such apps will make this label simply vanish.

Unfortunately, SQL Editor is one of those apps. Usually, those apps save the file by saving the whole contents of the file to a new, temporary file and then rename that file to the old name if everything went well. While this method of saving is meant to increase the odds of not screwing up the contents of the original file in case something goes fubar during save, it backfires if the app is not aware of the original file having some metadata attached to it in the file system, and actually results in data loss (regardless of the successful save) in spite of it being their best intention.

Could you check if there's anything you could improve in the method SE saves the file so that this label is not slaughtered every time SE pushes the changes to disk, please?

This might be very challenging I think.

I was under impression that using ADS (alternate data stream) was discontinued many years ago for security reasons because it enabled malicious applications inject hard to detect payload to otherwise harmless files using ADS. Was it not? I remember I have read somewhere how a large executable file could be added totally hidden to a small text file with .TXT extension using ADS, the file wouldn't show changes in its size in Windows Explorer, still open in Notepad as a regular text file with the original contents, and it could be then copied/propagated to a victim's system as if it was a small regular text file, and then its payload executed on the victim's system bypassing local security controls.

I admit it did have some nefarious uses in the past (and most likely still has), but no, it's still here. At least Win 10 definitely supports it and quite a few applications still benefit from it, including the operating system itself. Browsers tend to mark files downloaded from the internet as unsafe using ADS, SQL Server used to use it as well (for database integrity, I think), and Sublime Text implemented the proper handling of it in its v4 released last year(?). I recall even Kaspersky is utilizing it somehow. It's an internal part of NTFS, hence I guess it won't go away soon. It's a nice little feature, I'd be sad if it were removed.

My use case is that simple marking of the files for attention. I could move them to a separate folder, but that would mess with the repository structure, even if temporarily. Maintaining two/more copies of them is a no-go because of the overhead of keeping them in sync. The ability to label them using ADS solves my problem quickly and smoothly.

What are your estimates for challenge rating?

EDIT: hmm, it kills extended file properties too. Why? Are they handled the same way?

Any hints on this one?

I'm sorry, I'm unable to answer your question at this time. I can certainly log it as an enhancement request.

That would be great, thank you very much!