开发者

Is this code setting any Security for this Named Pipe?

开发者 https://www.devze.com 2023-02-17 06:12 出处:网络
Here is my code I borrowed from I don\'t know where, maybe here or codeguru or codeproject. Anyway, I am wondering if I can just pass NULL as the last parameter in CreateNamedPipe or is the sa struc

Here is my code I borrowed from I don't know where, maybe here or codeguru or codeproject.

Anyway, I am wondering if I can just pass NULL as the last parameter in CreateNamedPipe or is the sa structure doing some type of security beyond NULL?

// Setup the named pipe with a security attribute so it is open to anyone t开发者_JAVA百科hat enquires.
SECURITY_ATTRIBUTES sa;
SECURITY_DESCRIPTOR sd;
InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(&sd, TRUE, (PACL) NULL, FALSE);
sa.nLength = (DWORD) sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = (LPVOID) &sd;
sa.bInheritHandle = TRUE;

do
    {
    hPipe = CreateNamedPipe(lpszPipename,PIPE_ACCESS_DUPLEX,PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT,PIPE_UNLIMITED_INSTANCES,BUFSIZE,BUFSIZE,5000,&sa);
    if (hPipe != INVALID_HANDLE_VALUE) 
        {

        if (ConnectNamedPipe(hPipe, NULL)) {


If you pass NULL as the last parameter of CreateNamedPipe() then you get the default security descriptor for a named pipe.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa365600%28v=vs.85%29.aspx

Your sample code sets a NULL Discretionary Access Control List (DACL). This is dangerous because it allows full control to everyone. This means any other application could take ownership of your named pipe and/or change the access permissions on it.

0

精彩评论

暂无评论...
验证码 换一张
取 消