- 1 year ago
Making named pipe accessible only to the logon sid that starts the client process
To make a named pipe accessible only to the logon SID (Security Identifier) that starts the client process, you can follow these steps:
Create the named pipe with a security descriptor that restricts access to the logon SID of the client process. You can use the
CreateNamedPipe
function in C/C++ to create the named pipe and provide a security descriptor.Get the logon SID of the client process. You can use the
OpenProcessToken
andGetTokenInformation
functions to retrieve the token of the client process and extract the logon SID.Modify the security descriptor of the named pipe to allow access only to the logon SID of the client process. You can use the
SetSecurityInfo
function with theDACL_SECURITY_INFORMATION
flag to modify the discretionary access control list (DACL) of the named pipe's security descriptor.
Here's an example in C++ that demonstrates these steps:
cpp#include <windows.h>
#include <sddl.h>
int main()
{
HANDLE hPipe;
SECURITY_ATTRIBUTES sa;
SECURITY_DESCRIPTOR sd;
PSID pLogonSID = nullptr;
// Create the named pipe
ZeroMemory(&sa, sizeof(SECURITY_ATTRIBUTES));
ZeroMemory(&sd, sizeof(SECURITY_DESCRIPTOR));
if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
{
// Error handling
return 1;
}
if (!ConvertStringSidToSid(TEXT("S-1-5-18"), &pLogonSID))
{
// Error handling
return 1;
}
if (!SetSecurityDescriptorOwner(&sd, pLogonSID, FALSE))
{
// Error handling
return 1;
}
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = &sd;
sa.bInheritHandle = FALSE;
hPipe = CreateNamedPipe(
TEXT("\\\\.\\pipe\\MyPipe"),
PIPE_ACCESS_DUPLEX,
PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
0,
0,
0,
&sa);
if (hPipe == INVALID_HANDLE_VALUE)
{
// Error handling
return 1;
}
// Perform other operations with the named pipe
// Cleanup
CloseHandle(hPipe);
LocalFree(pLogonSID);
return 0;
}
In the above example, the ConvertStringSidToSid
function is used to convert the string representation of the logon SID (in this case, S-1-5-18
, which represents the Local System account) to a valid SID.
Note that the above code is a simplified example and may require additional error handling and cleanup steps. Make sure to adapt it to your specific needs and handle any errors that may occur.
By setting the security descriptor of the named pipe to allow access only to the logon SID of the client process, you can ensure that only the process with the specified logon SID can access the named pipe.