Win7/Vista中的文件映射问题 [英] File Mapping problem In Win7/vista
本文介绍了Win7/Vista中的文件映射问题的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个使用文件映射进行进程间通信的程序.我有两个进程.
在Win7上,进程A创建进程B.B是一个完整性较低的进程.A使用CreateLowProcess()启动B.
I have a program using File Mapping to do Inter-Process Communication。 I have two processes。
On Win7, process A creates Process B. B is a lower integrity process。A launches B using CreateLowProcess().
BOOL CreateLowProcess(CString csCmd)
{
BOOL bRet = FALSE;
HANDLE hToken = NULL;
HANDLE hNewToken = NULL;
// Low integrity SID
WCHAR wszIntegritySid[20] = L"S-1-16-4096";
PSID pIntegritySid = NULL;
TOKEN_MANDATORY_LABEL TIL = {0};
PROCESS_INFORMATION ProcInfo = {0};
STARTUPINFO StartupInfo = {0};
ULONG ExitCode = 0;
if (OpenProcessToken(GetCurrentProcess(),MAXIMUM_ALLOWED, &hToken))
{
if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL,
SecurityImpersonation, TokenPrimary, &hNewToken))
{
if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
{
TIL.Label.Attributes = SE_GROUP_INTEGRITY;
TIL.Label.Sid = pIntegritySid;
// Set the process integrity level
if (SetTokenInformation(hNewToken, (TOKEN_INFORMATION_CLASS)TokenIntegrityLevel, &TIL,
sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
{
// Create the new process at Low integrity
bRet = CreateProcessAsUser(hNewToken, NULL,
csCmd.GetBuffer(),NULL, NULL, FALSE,
0, NULL, NULL, &StartupInfo, &ProcInfo);
}
LocalFree(pIntegritySid);
}
CloseHandle(hNewToken);
}
CloseHandle(hToken);
}
return bRet;
}OOL CreateLowProcess(CString csCmd)
{
BOOL bRet = FALSE;
HANDLE hToken = NULL;
HANDLE hNewToken = NULL;
// Low integrity SID
WCHAR wszIntegritySid[20] = L"S-1-16-4096";
PSID pIntegritySid = NULL;
TOKEN_MANDATORY_LABEL TIL = {0};
PROCESS_INFORMATION ProcInfo = {0};
STARTUPINFO StartupInfo = {0};
ULONG ExitCode = 0;
if (OpenProcessToken(GetCurrentProcess(),MAXIMUM_ALLOWED, &hToken))
{
if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL,
SecurityImpersonation, TokenPrimary, &hNewToken))
{
if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
{
TIL.Label.Attributes = SE_GROUP_INTEGRITY;
TIL.Label.Sid = pIntegritySid;
// Set the process integrity level
if (SetTokenInformation(hNewToken, (TOKEN_INFORMATION_CLASS)TokenIntegrityLevel, &TIL,
sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
{
// Create the new process at Low integrity
bRet = CreateProcessAsUser(hNewToken, NULL,
csCmd.GetBuffer(),NULL, NULL, FALSE,
0, NULL, NULL, &StartupInfo, &ProcInfo);
}
LocalFree(pIntegritySid);
}
CloseHandle(hNewToken);
}
CloseHandle(hToken);
}
return bRet;
}
进程A创建文件映射
The Process A creates a File Mapping
SECURITY_DESCRIPTOR* pSecDesc = NULL;
pSecDesc = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR,
SECURITY_DESCRIPTOR_MIN_LENGTH);
InitializeSecurityDescriptor(pSecDesc,
SECURITY_DESCRIPTOR_REVISION);
SetSecurityDescriptorDacl(pSecDesc,TRUE,(PACL)NULL,FALSE);
LPTSTR buffer = NULL;
DWORD dwLong;
BOOL bSuc = ConvertSecurityDescriptorToStringSecurityDescriptor(
pSecDesc,
SDDL_REVISION_1,
OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION | 0x00000010L ,
&buffer,
&dwLong);
SECURITY_ATTRIBUTES sa;
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = FALSE;
sa.lpSecurityDescriptor = pSecDesc;
m_hMapFile = CreateFileMapping(
NULL,
&sa,
PAGE_READWRITE,
0,
nSize,
csShareMemName
);
但是进程B无法获得对文件映射的写访问权.
有什么问题?
我需要你的帮助.
我的电子邮件是langziwuwu@hotmail.com
But Process B can''t get the write access to the File Mapping.
What''s the problem?
I need your help.
my email is langziwuwu@hotmail.com
推荐答案
您是否尝试过CreateFileMapping返回的句柄上的> ^ ].
Have you tried DuplicateHandle[^] on the handle returned by CreateFileMapping
.
这篇关于Win7/Vista中的文件映射问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文