/// <summary> /// Creates or opens a shared memory view. /// </summary> /// <param name="sharedMemoryMapName"></param> /// <param name="sharedMemorySize"></param> /// <returns></returns> public static new SharedMemoryMapView CreateOrOpen(string sharedMemoryMapName, ulong sharedMemorySize) { SharedMemorySafeHandle sharedMemoryHandle; using (SecurityDescriptorSafePtr securityDescriptor = Security.CreateDefaultSecurityDescriptor()) { var securityAttr = new Native.SECURITY_ATTRIBUTES { Length = (uint)Marshal.SizeOf <Native.SECURITY_ATTRIBUTES>(), InheritHandle = false, SecurityDescriptor = securityDescriptor.DangerousGetHandle(), }; Utils.SplitULong(sharedMemorySize, out uint sharedMemorySizeHigh, out uint sharedMemorySizeLow); sharedMemoryHandle = Native.CreateFileMapping( Native.InvalidPointer, ref securityAttr, Native.FileMapProtection.PageReadWrite, sharedMemorySizeHigh, sharedMemorySizeLow, sharedMemoryMapName); } if (sharedMemoryHandle.IsInvalid) { throw new FileNotFoundException( $"Failed to CreateFileMapping {sharedMemoryMapName}", innerException: new Win32Exception(Marshal.GetLastWin32Error())); } Security.VerifyHandleOwner(sharedMemoryHandle); return(new SharedMemoryMapView(sharedMemoryHandle, sharedMemorySize)); }
private NamedEvent(string name) { using (SecurityDescriptorSafePtr securityDescriptor = Security.CreateDefaultSecurityDescriptor()) { var securityAttr = new Native.SECURITY_ATTRIBUTES { Length = (uint)Marshal.SizeOf <Native.SECURITY_ATTRIBUTES>(), InheritHandle = false, SecurityDescriptor = securityDescriptor.DangerousGetHandle(), }; eventHandle = Native.CreateEvent( ref securityAttr, manualReset: false, initialState: false, name); if (eventHandle.IsInvalid) { throw new IOException( $"Failed to create a NamedEvent {name}", innerException: new Win32Exception(Marshal.GetLastWin32Error())); } Security.VerifyHandleOwner(eventHandle); } }
internal static extern int GetSecurityInfo( [In] SafeHandle handle, [In] SecurityObjectType objectType, [In] SecurityInformation securityInformation, [In] IntPtr sidOwner, [In] IntPtr sidGroup, [In] IntPtr dacl, [In] IntPtr sacl, [Out] out SecurityDescriptorSafePtr securityDescriptor);
/// <summary> /// Check if handle has been created by authorized user. /// </summary> /// <param name="handle"></param> /// <remarks> /// Authorized users: /// - built in administrators, /// - current user. /// </remarks> internal static void VerifyHandleOwner(SafeHandle handle) { // Get the security descriptor for given handle. // int result = Native.GetSecurityInfo( handle, Native.SecurityObjectType.SecurityFileObject, Native.SecurityInformation.OwnerSecurityInformation, sidOwner: IntPtr.Zero, sidGroup: IntPtr.Zero, dacl: IntPtr.Zero, sacl: IntPtr.Zero, out SecurityDescriptorSafePtr handleSecurityDescriptor); using SecurityDescriptorSafePtr scopedHandleSecurityDescriptor = handleSecurityDescriptor; if (result != Native.ErrorSuccess) { throw new Win32Exception(result); } if (!Native.GetSecurityDescriptorOwner(handleSecurityDescriptor, out IntPtr handleOwnerSid, out bool ownerDefaulted1)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } // Allow access, if owner is local system. // if (Native.IsWellKnownSid(handleOwnerSid, Native.WellKnownSidType.WinLocalSystemSid)) { return; } // Allow access, if owner is builtin administator. // if (Native.IsWellKnownSid(handleOwnerSid, Native.WellKnownSidType.WinBuiltinAdministratorsSid)) { return; } // Allow acces, if current user is the owner. // using SecurityIdentifierSafePtr currentOwnerSecuryIdentifier = GetCurrentUserSid(); if (Native.EqualSid(currentOwnerSecuryIdentifier.DangerousGetHandle(), handleOwnerSid)) { return; } throw new UnauthorizedAccessException(); }
internal static extern bool ConvertSecurityDescriptorToStringSecurityDescriptor( [In] SecurityDescriptorSafePtr securityDescriptor, [In] uint stringSDRevision, [In] SecurityInformation securityInformation, [Out] out string stringSecurityDescriptor, [Out] out uint stringSecurityDescriptorLength);
internal static extern bool ConvertStringSecurityDescriptorToSecurityDescriptor( [In] string stringSecurityDescriptor, [In] uint stringSDRevision, [Out] out SecurityDescriptorSafePtr securityDescriptor, [Out] out int securityDescriptorSize);
internal static extern bool GetSecurityDescriptorOwner( SecurityDescriptorSafePtr pSecurityDescriptor, out IntPtr owner, out bool ownerDefaulted);