Sign in to follow this  
Followers 0
cvocvo

Security Descriptor

1 post in this topic

#1 ·  Posted (edited)

I am working with Named Pipes and by default when the Named Pipe is created it is set to use a default security descriptor structure.

I need to know how to make a custom security descriptor (default is Global Const $tagSECURITY_ATTRIBUTES). The descriptor basically needs to let me add the Users group or atleast a specific user to have full control, like the Owner does. That way a regular user can read and write to the named pipe created by the privileged user.

I know I have to use DllStructCreate to make the structure and then DllStructGetPtr to get the memory location pointer to use for the named pipe, but does anyone know HOW to make this custom security descriptor?

I'd just need a simple example or a help page someplace to figure it out.

Any thoughts/help?

Thanks

I found this good article about the SDDL (Security Description Definition Language), but I'm not sure how to apply this to use with AutoIt: http://blogs.charteris.com/blogs/chrisdi/archive/2008/06/16/exploring-the-wcf-named-pipe-binding-part-2.aspx

I also found this post: http://www.autoitscript.com/forum/index.php?showtopic=115688

It's doing some run as stuff, but it has some custom security descriptor stuff in it, but I'm not sure where the actual access control list (ACL) stuff gets set, because it doesn't appear to in the example on that post. Here's the code I'm looking at from there:

;;I've commented what I think is happening below
$lpProcessAttributes = DllStructCreate($tagSECURITY_ATTRIBUTES)
$lpThreadAttributes = DllStructCreate($tagSECURITY_ATTRIBUTES) ;; Looks to be creating the security attributes structure
$bInheritHandles = False ;; Is this setting the inherit handles flags for both security structures?
$dwCreationFlags = 0x0  ;; Not sure what this is setting
$lpEnvironment = ""
$lpCurrentDirectory = ""

DllStructSetData($lpThreadAttributes, "Descriptor", "")
$ta_size = DllStructGetSize($lpThreadAttributes)
DllStructSetData($lpThreadAttributes, "Length", $ta_size)
DllStructSetData($lpProcessAttributes, "Descriptor", "")
$pa_size = DllStructGetSize($lpProcessAttributes)
DllStructSetData($lpProcessAttributes, "Length", $pa_size)

Anyone have insight here?

Edited by cvocvo

Share this post


Link to post
Share on other sites



Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0