CreateFile with Security

Posted on 1999-07-08
Medium Priority
Last Modified: 2008-03-17
I want to create a File (esp. a named pipe). The user is a administrator, but the file should be readable by everyone. How to do this?
Question by:JaegerA
LVL 86

Expert Comment

ID: 1199560
Set a 'world' SID in the SECURITY_DESCRIPTOR associated with the pipe...

Expert Comment

ID: 1199561
Jaeger - this question is HIGHLY operating system and environment specific.  You need to tell us more about your environment.

Accepted Solution

hsk0 earned 0 total points
ID: 1199562
Assuming's it's NT, you need to specify a "Null DACL" for the security descriptor,
which is not the same thing as a "NULL pointer".

Microsoft Knowledge Base Article Q106387 ("Sharing Objects with a Service") explains the details.

A quickie cut:

    SECURITY_DESCRIPTOR * pSecurityDescriptor;
    pSecurityDescriptor = (SECURITY_DESCRIPTOR *)
                                           LocalAlloc( LPTR,
                                                       SECURITY_DESCRIPTOR_MIN_LENGTH );
    if ( pSecurityDescriptor == 0 )
        // Error
        DWORD Win32LastError = ::GetLastError();

    // 2) Initialize the Security Descriptor
    if ( ! InitializeSecurityDescriptor( pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION ) )
        // Error
        DWORD Win32LastError = GetLastError();
        LocalFree( (HLOCAL) pSecurityDescriptor );

    // 3) Add a NULL DACL to the Security Descriptor
    if ( ! SetSecurityDescriptorDacl( pSecurityDescriptor,
                                      FALSE ) )
        // Error
        DWORD Win32LastError = GetLastError();
        LocalFree( (HLOCAL) pSecurityDescriptor );

    // 4) Setup a Security Attributes structure
    SecurityAttributes.nLength = sizeof(SecurityAttributes);
    SecurityAttributes.lpSecurityDescriptor = pSecurityDescriptor;
    SecurityAttributes.bInheritHandle = FALSE;

If you make it thru steps 1-3 then step 4 gives you the Null DACL.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

When writing generic code, using template meta-programming techniques, it is sometimes useful to know if a type is convertible to another type. A good example of when this might be is if you are writing diagnostic instrumentation for code to generat…
C++ Properties One feature missing from standard C++ that you will find in many other Object Oriented Programming languages is something called a Property (http://www.experts-exchange.com/Programming/Languages/CPP/A_3912-Object-Properties-in-C.ht…
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question