Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


CreateFile with Security

Posted on 1999-07-08
Medium Priority
Last Modified: 2008-03-17
I want to create a File (esp. a named pipe). The user is a administrator, but the file should be readable by everyone. How to do this?
Question by:JaegerA
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 86

Expert Comment

ID: 1199560
Set a 'world' SID in the SECURITY_DESCRIPTOR associated with the pipe...

Expert Comment

ID: 1199561
Jaeger - this question is HIGHLY operating system and environment specific.  You need to tell us more about your environment.

Accepted Solution

hsk0 earned 0 total points
ID: 1199562
Assuming's it's NT, you need to specify a "Null DACL" for the security descriptor,
which is not the same thing as a "NULL pointer".

Microsoft Knowledge Base Article Q106387 ("Sharing Objects with a Service") explains the details.

A quickie cut:

    SECURITY_DESCRIPTOR * pSecurityDescriptor;
    pSecurityDescriptor = (SECURITY_DESCRIPTOR *)
                                           LocalAlloc( LPTR,
                                                       SECURITY_DESCRIPTOR_MIN_LENGTH );
    if ( pSecurityDescriptor == 0 )
        // Error
        DWORD Win32LastError = ::GetLastError();

    // 2) Initialize the Security Descriptor
    if ( ! InitializeSecurityDescriptor( pSecurityDescriptor, SECURITY_DESCRIPTOR_REVISION ) )
        // Error
        DWORD Win32LastError = GetLastError();
        LocalFree( (HLOCAL) pSecurityDescriptor );

    // 3) Add a NULL DACL to the Security Descriptor
    if ( ! SetSecurityDescriptorDacl( pSecurityDescriptor,
                                      FALSE ) )
        // Error
        DWORD Win32LastError = GetLastError();
        LocalFree( (HLOCAL) pSecurityDescriptor );

    // 4) Setup a Security Attributes structure
    SecurityAttributes.nLength = sizeof(SecurityAttributes);
    SecurityAttributes.lpSecurityDescriptor = pSecurityDescriptor;
    SecurityAttributes.bInheritHandle = FALSE;

If you make it thru steps 1-3 then step 4 gives you the Null DACL.

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Errors will happen. It is a fact of life for the programmer. How and when errors are detected have a great impact on quality and cost of a product. It is better to detect errors at compile time, when possible and practical. Errors that make their wa…
In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
The viewer will learn how to use the return statement in functions in C++. The video will also teach the user how to pass data to a function and have the function return data back for further processing.
The viewer will be introduced to the technique of using vectors in C++. The video will cover how to define a vector, store values in the vector and retrieve data from the values stored in the vector.

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question