|
-
April 2nd, 2012, 08:43 AM
#1
IPC between service and user application
Hi,
I am trying to implement IPC between a service and user application using Mailslots.
When the Mailslot is created from within my Service (in Session 0) The UserMode application is not able to write to the mailslot. What do I have to do to cross the Session isolation?
-
April 2nd, 2012, 09:41 AM
#2
Re: IPC between service and user application
Did you consider using named pipes instead?
 Victor Nijegorodov
-
April 2nd, 2012, 01:27 PM
#3
Re: IPC between service and user application
Agreement with VictorN: use named pipes instead, as they are more suitable for interaction between a service and a user
-
April 2nd, 2012, 05:51 PM
#4
Re: IPC between service and user application
What do I have to do to cross the Session isolation?
It's very unlikely the issue is about session isolation. Did you set security attributes proper way? In case you place just NULL, only other process running the same account (LocalSystem ?) is able to access the secured object, mailslot in your case.
Best regards,
Igor
-
April 3rd, 2012, 03:38 AM
#5
Re: IPC between service and user application
Igor,
thanks for the hint. That was the problem. When using a NULL-Dacl instead of empty security attributes it works.
Mike, Victor: I only need to push data from a user mode app to the service. Thats why Mailslots are more suiteable for me in this case 
Regards,
Chris
-
August 21st, 2016, 03:29 AM
#6
Re: IPC between service and user application
I'm having the same problem. I use NULL for security attributes but still doesn't work. IPC can only communicate between same user account services but not between windows service (LocalSystem) and user application.
-
August 21st, 2016, 09:10 AM
#7
Re: IPC between service and user application
Did you read the thread? Using NULL in place of security attributes works exactly like you just described. It's not "but still doesn't work" case, it’s rather "so still won't work ever until you start doing it right" case.
Best regards,
Igor
-
August 24th, 2016, 04:01 AM
#8
Re: IPC between service and user application
Similar problem resolved: see the post
Best regards,
Igor
-
August 31st, 2016, 12:23 AM
#9
Re: IPC between service and user application
Thanks Igor,
Code:
PSECURITY_DESCRIPTOR psd = NULL;
BYTE sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
psd = (PSECURITY_DESCRIPTOR)sd;
InitializeSecurityDescriptor(psd, SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(psd, TRUE, (PACL)NULL, FALSE);
SECURITY_ATTRIBUTES sa = { sizeof(sa), psd, FALSE };
Last edited by eclessiastes; August 31st, 2016 at 07:03 AM.
-
September 1st, 2016, 12:25 AM
#10
Re: IPC between service and user application
 Originally Posted by eclessiastes
Thanks Igor,
Code:
PSECURITY_DESCRIPTOR psd = NULL;
BYTE sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
psd = (PSECURITY_DESCRIPTOR)sd;
InitializeSecurityDescriptor(psd, SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(psd, TRUE, (PACL)NULL, FALSE);
SECURITY_ATTRIBUTES sa = { sizeof(sa), psd, FALSE };
BTW, you can do a bit more targeted ACL setup, something like that:
Code:
LPTCSTR szSD = TEXT("D:") // Discretionary ACL
TEXT("(D;OICI;GA;;;BG)") // Deny access to built-in guests
TEXT("(D;OICI;GA;;;AN)") // Deny access to anonymous logon
TEXT("(A;OICI;GRGWGX;;;AU)") // Allow read/write/execute to authenticated users
TEXT("(A;OICI;GA;;;BA)"); // Allow full control to built-in administrators
BOOL res = ::ConvertStringSecurityDescriptorToSecurityDescriptor(
szSD, SDDL_REVISION_1, &sa.lpSecurityDescriptor, NULL);
Last edited by Igor Vartanov; September 1st, 2016 at 12:31 AM.
Best regards,
Igor
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
