I am working on a program that takes a list of authorized USB keys and, whenever a USB key is plugged into, it checks whether that is authorized or not. If it is not authorized, it will set that in read-only mode.
I managed to listen to the USB key plugged in event, but I am struggling with setting the USB key in read-only mode. The only thing I found so far is the StorageDevicePolicies registry key, which seems to set all the USB keys in read-only. It could be a compromise, but the problem is that the change in the registry does not seem to take effect until the key is removed and plugged in again.
I made this manual test:
I plugged the key in,
the key is in read-write mode,
I set the StorageDevicePolicies/WriteProtect=1 in the registry,
the key is still in read-write mode,
I plugged out the key and plugged it in again,
the key is now in read-only mode.
I am not a Windows expert but it seems to me that writing a program that setting StorageDevicePolicies/WriteProtect=1 whenever a USB key is plugged in will not work anyway, since it won't take effect immediately. Is that correct? Also, that is a fallback I would rather to avoid. I would prefer to set the read-only mode only for the non-authorized keys.
The project I'm working on is in C#, if that makes any difference.