Locker

Each file open operation in Windows (leading at the very end to NtOpenFile/NtCreateFile syscall) requires two separate parameters to be passed: DesiredAccess and ShareAccess.
​
The first one seems to be clear - the opening party tells the Operating System about way how to open the file: for reading, for writing, for executing, or for everything. Each of those consists of multiple detailed rights such as STANDARD_RIGHTS_EXECUTE, FILE_WRITE_EA, SYNCHRONIZE, etc. Even if it is quite complex inside, the overall purpose seems easy to understand. The purpose of ShareAccess is also very important, but it works from the other end of the scenario: it tells the Operating System what to do if someone else asks for the same file while it's open by me.
​
If I open a file for reading, I would like to prevent changes made in the meantime. If I want to write a file, I will prefer to deny others reading it before I finish, etc. It's not about permissions or ownership. It's about keeping order and managing situations where more than one party wants to open the same file at the same time.
​
Sometimes, it may be allowed, e.g. when both of us want only to read, it's safe and there is no reason to deny it. As each scenario may be different, it's not the Operating System decision what to allow or deny. The opening party says it clearly each time using ShareAccess flag. In practice, when it comes to files, the flag has 3 bits: FILE_SHARE_READ, FILE_SHARE_WRITE, and FILE_SHARE_DELETE. Each time a combination of zero to three of these bits is passed, allowing others to read, write and delete file separately. Or not allowing any of those, which is legit as well! What is important, ShareAccess treats all parties equally, there are no VIPs here.
​
Even the least important application can block access to a file, and no one will be able to open it until it's released when closed. Even if we should appreciate the feature of keeping order, sometimes files are just "locked", and we need to do something about it.
​
I will not provide all tricks and techniques this time, and I will challenge you instead: I have written a small app serving only one purpose: it creates a file on your desktop and then "locks" it by opening with zero ShareAccess flags. Try to read the file. The "Locker" app can be downloaded from my GitHub: https://github.com/gtworek/PSBits/tree/master/Locker