stefanr
asked on
Problem with Process-to-process Security ...
Simply put, I have a process (normally a service running in an account with Administrative rights) that is given a Pipe Handle from its client processes (running on other accounts) using a RPC/COM function call. The Pipe Handle is created with CreatePipe in the client process. The client process therefore have to DuplicateHandle the handle that is given to the server process. In order to do so, the server process have to grant "EVERYONE" (?) the following access rights to its own process: PROCESS_QUERY_INFORMATION, PROCESS_DUP_HANDLE, and SYNCHRONIZE.
However, I have failed to do that using the code that follows:
// Give other processes right to duplicate handles for this application.
HANDLE hProcess = ::OpenProcess(PROCESS_ALL_ ACCESS, FALSE, ::GetCurrentProcessId());
if (NULL != hProcess)
{
HANDLE hProcessToken = NULL;
if (::OpenProcessToken(::GetC urrentProc ess(), TOKEN_READ | TOKEN_ADJUST_PRIVILEGES, &hProcessToken))
{
if (::SetPrivilege(hProcessTo ken, SE_SECURITY_NAME, TRUE))
{
PACL pOldDacl = NULL;
PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
DWORD dwErrorCode = ::GetSecurityInfo(hProcess , SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, &pOldDacl, NULL, &pSecurityDescriptor);
if (ERROR_SUCCESS == dwErrorCode)
{
EXPLICIT_ACCESS rgExplicitAccess[1] = { 0 };
::BuildExplicitAccessWithN ame(rgExpl icitAccess , _T("EVERYONE"), PROCESS_QUERY_INFORMATION | PROCESS_DUP_HANDLE | SYNCHRONIZE, GRANT_ACCESS, NO_INHERITANCE);
PACL pNewDacl = NULL;
dwErrorCode = ::SetEntriesInAcl(sizeof(r gExplicitA ccess)/siz eof(rgExpl icitAccess [0]), rgExplicitAccess, pOldDacl, &pNewDacl);
if (ERROR_SUCCESS == dwErrorCode) // 1332 : ERROR_NONE_MAPPED : "No mapping between account names and security IDs was done."
{
dwErrorCode = ::SetSecurityInfo(hProcess , SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, pNewDacl, NULL);
if (ERROR_SUCCESS == dwErrorCode)
{
HLOCAL hLocal = ::LocalHandle(pNewDacl);
if (NULL != hLocal)
{
hLocal = ::LocalFree(hLocal);
}
}
}
HLOCAL hLocal = ::LocalHandle(pSecurityDes criptor);
if (NULL != hLocal)
{
hLocal = ::LocalFree(hLocal);
}
}
}
::CloseHandle(hProcessToke n);
hProcessToken = NULL;
}
::CloseHandle(hProcess);
hProcess = NULL;
}
SetPrivilege is a function that sets or resets a privilege for a process token (I don't know if its necessary).
As indicated, it is the function SetEntriesInAcl that fails with error code ERROR_NONE_MAPPED.
How can I accomplish the task of duplicating the Pipe Handle for the server process ?
However, I have failed to do that using the code that follows:
// Give other processes right to duplicate handles for this application.
HANDLE hProcess = ::OpenProcess(PROCESS_ALL_
if (NULL != hProcess)
{
HANDLE hProcessToken = NULL;
if (::OpenProcessToken(::GetC
{
if (::SetPrivilege(hProcessTo
{
PACL pOldDacl = NULL;
PSECURITY_DESCRIPTOR pSecurityDescriptor = NULL;
DWORD dwErrorCode = ::GetSecurityInfo(hProcess
if (ERROR_SUCCESS == dwErrorCode)
{
EXPLICIT_ACCESS rgExplicitAccess[1] = { 0 };
::BuildExplicitAccessWithN
PACL pNewDacl = NULL;
dwErrorCode = ::SetEntriesInAcl(sizeof(r
if (ERROR_SUCCESS == dwErrorCode) // 1332 : ERROR_NONE_MAPPED : "No mapping between account names and security IDs was done."
{
dwErrorCode = ::SetSecurityInfo(hProcess
if (ERROR_SUCCESS == dwErrorCode)
{
HLOCAL hLocal = ::LocalHandle(pNewDacl);
if (NULL != hLocal)
{
hLocal = ::LocalFree(hLocal);
}
}
}
HLOCAL hLocal = ::LocalHandle(pSecurityDes
if (NULL != hLocal)
{
hLocal = ::LocalFree(hLocal);
}
}
}
::CloseHandle(hProcessToke
hProcessToken = NULL;
}
::CloseHandle(hProcess);
hProcess = NULL;
}
SetPrivilege is a function that sets or resets a privilege for a process token (I don't know if its necessary).
As indicated, it is the function SetEntriesInAcl that fails with error code ERROR_NONE_MAPPED.
How can I accomplish the task of duplicating the Pipe Handle for the server process ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
/*------------------------ ---------- ---------- ---------- ---------- ------
| Name: SetPipeSecurity
| Author: Chris Nefcy
| Desc: sets up security on pipe to allow access to everyone
| Params: none
| Compiler: 32-bit VC++ or Win32 SDK
|
| COPYRIGHT:
|
| (C) Copyright Microsoft Corp. 1993. All rights reserved.
|
| You have a royalty-free right to use, modify, reproduce and
| distribute the Sample Files (and/or any modified version) in
| any way you find useful, provided that you agree that
| Microsoft has no warranty obligations or liability for any
| Sample Application Files which are modified.
-------------------------- ---------- ---------- ---------- ---------- ----*/
VOID SetPipeSecurity ( VOID)
{
HANDLE hPipe;
SECURITY_ATTRIBUTES saPipeSecurity;
PSECURITY_DESCRIPTOR pPipeSD = NULL;
// security inits
memset ( ( VOID *) &saPipeSecurity, 0, sizeof ( SECURITY_ATTRIBUTES) );
// alloc & init SD
if ( ! ( pPipeSD = ( PSECURITY_DESCRIPTOR)
( malloc ( SECURITY_DESCRIPTOR_MIN_LE NGTH)) ) )
return;
if ( ! InitializeSecurityDescript or ( pPipeSD,
SECURITY_DESCRIPTOR_REVISI ON) )
return;
// set NULL DACL on the SD
if ( ! SetSecurityDescriptorDacl ( pPipeSD, TRUE, ( PACL) NULL, FALSE) )
return;
// now set up the security attributes
saPipeSecurity.nLength = sizeof ( SECURITY_ATTRIBUTES);
saPipeSecurity.bInheritHan dle = TRUE;
saPipeSecurity.lpSecurityD escriptor = pPipeSD;
// now create named pipe with security
hPipe = CreateNamedPipe (
PIPENAME, // name of pipe
PIPE_ACCESS_DUPLEX | // Open mode
FILE_FLAG_OVERLAPPED, // use overlapped structure
PIPE_TYPE_MESSAGE | // message mode
PIPE_READMODE_MESSAGE |
PIPE_WAIT, // blocking
dwMaxNumberOfClients, // Max. number of instances
PIPEPKTSIZE, // Size of output buffer
PIPEPKTSIZE, // Size of input buffer
0L, // Time-out value (use default)
&saPipeSecurity ); // security flag
}
/* eof - SetPipeSecurity */
| Name: SetPipeSecurity
| Author: Chris Nefcy
| Desc: sets up security on pipe to allow access to everyone
| Params: none
| Compiler: 32-bit VC++ or Win32 SDK
|
| COPYRIGHT:
|
| (C) Copyright Microsoft Corp. 1993. All rights reserved.
|
| You have a royalty-free right to use, modify, reproduce and
| distribute the Sample Files (and/or any modified version) in
| any way you find useful, provided that you agree that
| Microsoft has no warranty obligations or liability for any
| Sample Application Files which are modified.
--------------------------
VOID SetPipeSecurity ( VOID)
{
HANDLE hPipe;
SECURITY_ATTRIBUTES saPipeSecurity;
PSECURITY_DESCRIPTOR pPipeSD = NULL;
// security inits
memset ( ( VOID *) &saPipeSecurity, 0, sizeof ( SECURITY_ATTRIBUTES) );
// alloc & init SD
if ( ! ( pPipeSD = ( PSECURITY_DESCRIPTOR)
( malloc ( SECURITY_DESCRIPTOR_MIN_LE
return;
if ( ! InitializeSecurityDescript
SECURITY_DESCRIPTOR_REVISI
return;
// set NULL DACL on the SD
if ( ! SetSecurityDescriptorDacl ( pPipeSD, TRUE, ( PACL) NULL, FALSE) )
return;
// now set up the security attributes
saPipeSecurity.nLength = sizeof ( SECURITY_ATTRIBUTES);
saPipeSecurity.bInheritHan
saPipeSecurity.lpSecurityD
// now create named pipe with security
hPipe = CreateNamedPipe (
PIPENAME, // name of pipe
PIPE_ACCESS_DUPLEX | // Open mode
FILE_FLAG_OVERLAPPED, // use overlapped structure
PIPE_TYPE_MESSAGE | // message mode
PIPE_READMODE_MESSAGE |
PIPE_WAIT, // blocking
dwMaxNumberOfClients, // Max. number of instances
PIPEPKTSIZE, // Size of output buffer
PIPEPKTSIZE, // Size of input buffer
0L, // Time-out value (use default)
&saPipeSecurity ); // security flag
}
/* eof - SetPipeSecurity */
ASKER
Yes, it was a localization problem. In fact it is lucky that I did not run an English Windows NT since the application must work on any language.
Your comment helped me to find the proper documentation in MSDN (in this case it seems that it is necessary to know exactly what to search for; like SECURITY_WORLD_RID in this case), so I accept the comment as an answer.
Your comment helped me to find the proper documentation in MSDN (in this case it seems that it is necessary to know exactly what to search for; like SECURITY_WORLD_RID in this case), so I accept the comment as an answer.
Thanx ;-)
This problem is quite common, and the MS habit to localize everything is a pain in the <censored>. Until Office2k, the even used to be localized versions of VBA - just imagine C/C++ keywords translated to your native language (this makes me frightened ;-)
This problem is quite common, and the MS habit to localize everything is a pain in the <censored>. Until Office2k, the even used to be localized versions of VBA - just imagine C/C++ keywords translated to your native language (this makes me frightened ;-)
| Name: SetPipeSecurity
| Author: Chris Nefcy
| Desc: sets up security on pipe to allow access to everyone
| Params: none
| Compiler: 32-bit VC++ or Win32 SDK
|
| COPYRIGHT:
|
| (C) Copyright Microsoft Corp. 1993. All rights reserved.
|
| You have a royalty-free right to use, modify, reproduce and
| distribute the Sample Files (and/or any modified version) in
| any way you find useful, provided that you agree that
| Microsoft has no warranty obligations or liability for any
| Sample Application Files which are modified.
--------------------------
VOID SetPipeSecurity ( VOID)
{
HANDLE hPipe;
SECURITY_ATTRIBUTES saPipeSecurity;
PSECURITY_DESCRIPTOR pPipeSD = NULL;
// security inits
memset ( ( VOID *) &saPipeSecurity, 0, sizeof ( SECURITY_ATTRIBUTES) );
// alloc & init SD
if ( ! ( pPipeSD = ( PSECURITY_DESCRIPTOR)
( malloc ( SECURITY_DESCRIPTOR_MIN_LE
return;
if ( ! InitializeSecurityDescript
SECURITY_DESCRIPTOR_REVISI
return;
// set NULL DACL on the SD
if ( ! SetSecurityDescriptorDacl ( pPipeSD, TRUE, ( PACL) NULL, FALSE) )
return;
// now set up the security attributes
saPipeSecurity.nLength = sizeof ( SECURITY_ATTRIBUTES);
saPipeSecurity.bInheritHan
saPipeSecurity.lpSecurityD
// now create named pipe with security
hPipe = CreateNamedPipe (
PIPENAME, // name of pipe
PIPE_ACCESS_DUPLEX | // Open mode
FILE_FLAG_OVERLAPPED, // use overlapped structure
PIPE_TYPE_MESSAGE | // message mode
PIPE_READMODE_MESSAGE |
PIPE_WAIT, // blocking
dwMaxNumberOfClients, // Max. number of instances
PIPEPKTSIZE, // Size of output buffer
PIPEPKTSIZE, // Size of input buffer
0L, // Time-out value (use default)
&saPipeSecurity ); // security flag
}
/* eof - SetPipeSecurity */