I'm fairly certain you couldn't tell from the Linux side, since, as you said, it's transparent to you.

I'd check, but I don't have an XP box with an NTFS drive available within easy reach. On Win2k, it's in Properties, then click Advanced.
--
Mike

Yeah, I intend to set up the directories myself and they should all be encrypted. What I'd like to do is ensure that the file is encrypted and send mail to the user if it isn't.

--traveler

Interestingly, you can get this on Windows if you have ActivePerl installed, using the Win32::File module.

The catch (apart from the fact that you'd like to do this from Linux) is that Win32::File doesn't seem to have a constant for "ENCRYPTED", but it does return the correct bit set...

grep FILE_ATTRIBUTE_ENCRYPTED *\*.h
Include/WinNT.h:#define FILE_ATTRIBUTE_ENCRYPTED            0x00004000
[download]

And running GetAttributes on an encrypted file yields:

C:\>perl -MWin32::File -e"Win32::File::GetAttributes('README.TXT',$x);
+ printf
 qq(%X\n),$x;map {printf qq(%-10s %08X\n),$_,&{'Win32::File::'.$_}} qw
+(ARCHIVE C
OMPRESSED DIRECTORY HIDDEN NORMAL OFFLINE READONLY SYSTEM TEMPORARY)"
6021
ARCHIVE    00000020
COMPRESSED 00000800
DIRECTORY  00000010
HIDDEN     00000002
NORMAL     00000080
OFFLINE    00001000
READONLY   00000001
SYSTEM     00000004
TEMPORARY  00000100
[download]

I realize that doesn't really help you from Linux, unless you set up an "isencrypted_d" service running on NT :)

If you're curious, the 0x2000 bit is "FILE_ATTRIBUTE_NOT_CONTENT_INDEXED"...
--
Mike

'scuse my lack of knowledge of *nix stuff, but the following (vague) description might work for you.

Spawn a thread or more likely fork a child process, set the (?real|effective) userid to a non-privaledged ID. Pass the file name/handle and the first word in the file to the child process (via a pipe or shared mem) and have it attempt to read that word and return yea/nay as appropriate.