Now and then, I need to edit the boot.ini file in order to fix some configuration issue. Ever since NT 3.1, it's been an ASCII text file on the hard disk. With Vista, that's all changed; it maintains a boot file called the Boot Configuration Data or BCD, located on the boot volume (that is, the volume that the operating system (OS) boots from, no matter what Microsoft calls it) in a folder named BOOT. It's one of those files locked open by the operating system (like the *.EVT event log files), so you can't edit it in the normal manner, and because that means that it'll be tougher for the odd bit of malware to modify it. Don't go looking to edit it from the Control Panel, either; the Startup and Recovery dialog box is still in Control Panel hidden a few layers down, but where the XP version of that dialog had a button labeled "To edit the startup options manually, press Edit," that doesn't exist in Vista anymore. Instead, there's bcdedit.exe, a command-line tool for messing with Vista boot options.
boot.ini Review
The reason why I needed to modify boot.ini—normally a few-minute operation that became a multi-hour process, although it'll take you much less time after reading this—is that when I'm running test machines that are not connected to the Internet, either virtual or real, I'm often using slower machines, and in an effort to reduce my waiting time when playing with Vista, I like to turn off Data Execution Prevention (DEP). I do not recommend doing this on a production machine or, for that matter, any system into which you will type any data that you wouldn't want the world to know. But for test systems that you won't be sharing your vital data with, it's a great idea. With XP and 2003 systems, I could always shut off DEP by editing the boot.ini and adding the /NoExecute=AlwaysOff option to any boot.ini entry. But how to do that (and other things) to BCD? Well, to learn that, we've got to learn BCD-ese. Here's the boot.ini on my XP workstation:
boot loader)
timeout=30
default=multi(0)disk(0)rdisk(0)partition
[operating systems] multi(0)disk(0)rdisk(0)partition(2)WINDO NoExecute=OptOut multi(0)disk(0)rdisk(0)partition(2)WINDO NoExecute=OptOut /DEBUG multi(0)disk(0)rdisk(0)partition(1)WINDO /fastdetect This particular boot.ini offers three different OS options when booting this computer; those three options are in the section named [operating systems]. The three lines following it (each is long and broken on the page, but there would indeed be just three lines if we were viewing this on a wide computer screen) is called a "boot.ini entry." For example, consider this one: multi(0)disk(0)rdisk(0)partition(2)WINDO NoExecute=OptOut< noexecute="OptOut,"> |
Above the [operating systems] section, there is a [boot loader] section. It specifies two things: how long to leave the menu on the screen, and which option to make default if the boot.ini options time out.
Now, if you're scratching your head saying, "I never see anything like that boot.ini file, or a boot-time menu at all in either XP or in Vista," that means that you've got only one OS entry. In that case, you don't get the menu on either XP or Vista. If you do have a Vista BCD with more than one entry, then you see a different boot menu from the one that you would have in the pre-Vista days, assuming that you had a multi-entry boot.ini. The Vista boot menu is text, but it's a bit snazzier than boot.ini, like the one that you see in Figure 1.1.
This menu shows two options: "Microsoft Windows Vista," the option built when Vista's installed, and "Vista without DEP," an option that I've created and that I'll show you how to create. In addition to the OS entries, Vista's Boot Manager also offers the option of booting straight to a memory tester—a convenient touch on Microsoft's part, particularly given that Vista systems typically need quite a bit more memory than XP systems.
0 comments
Post a Comment