/// <summary>
/// Builds the SECURITY_ATTRIBUTES passed to CreateMailslot. The security
/// descriptor is converted from an SDDL string whose DACL grants generic
/// read/write to Authenticated Users (AU) and generic-all to the built-in
/// Administrators group (BA).
/// </summary>
/// <returns>
/// A SECURITY_ATTRIBUTES object with bInheritHandle set to false and
/// lpSecurityDescriptor set to the converted descriptor.
/// </returns>
/// <exception cref="Win32Exception">
/// Thrown when ConvertStringSecurityDescriptorToSecurityDescriptor reports
/// failure.
/// </exception>
/// <see href="http://msdn.microsoft.com/en-us/library/aa365600.aspx"/>
static NativeMethods.SECURITY_ATTRIBUTES CreateMailslotSecurity()
{
    // SDDL revision level handed to the conversion call (SDDL_REVISION_1).
    const int sddlRevision = 1;

    // Security note: AU matches every authenticated principal, so any such
    // account is allowed to write to the slot. Whatever reads the messages
    // must treat their content as untrusted input.
    // NOTE(review): senders normally only need write access; confirm that
    // GR is really required for AU before keeping it in the ACE.
    string descriptorText =
        "D:" +                    // DACL section
        "(A;OICI;GRGW;;;AU)" +    // allow generic read + write: Authenticated Users
        "(A;OICI;GA;;;BA)";       // allow generic all: built-in Administrators

    NativeMethods.SafeLocalMemHandle descriptorHandle;
    bool converted = NativeMethods.ConvertStringSecurityDescriptorToSecurityDescriptor(
        descriptorText, sddlRevision, out descriptorHandle, IntPtr.Zero);
    if (!converted)
    {
        // The parameterless constructor picks up the last Win32 error code.
        throw new Win32Exception();
    }

    NativeMethods.SECURITY_ATTRIBUTES attributes =
        new NativeMethods.SECURITY_ATTRIBUTES();
    attributes.nLength = Marshal.SizeOf(attributes);
    attributes.lpSecurityDescriptor = descriptorHandle;
    attributes.bInheritHandle = false;   // handle is not inherited by child processes
    return attributes;
}
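/// <summary>
/// Mailslot server entry point: creates the mailslot with a custom security
/// descriptor, then checks it for messages each time the user presses ENTER
/// until the user enters Q or standard input is closed.
/// </summary>
/// <param name="args">Command-line arguments (not used).</param>
static void Main(string[] args)
{
    NativeMethods.SafeMailslotHandle hMailslot = null;

    try
    {
        // Prepare the security attributes (the lpSecurityAttributes parameter
        // in CreateMailslot) for the mailslot. This is optional. If the
        // lpSecurityAttributes parameter of CreateMailslot is NULL, the
        // mailslot gets a default security descriptor and the handle cannot
        // be inherited. The ACLs in the default security descriptor of a
        // mailslot grant full control to the LocalSystem account, (elevated)
        // administrators, and the creator owner. They also give only read
        // access to members of the Everyone group and the anonymous account.
        // However, if you want to customize the security permission of the
        // mailslot (e.g. to allow Authenticated Users to read from and
        // write to the mailslot), you need to create a SECURITY_ATTRIBUTES
        // structure.
        //
        // Security note: the custom descriptor widens write access to every
        // authenticated account, so messages read from the slot must be
        // handled as untrusted input.
        NativeMethods.SECURITY_ATTRIBUTES sa = CreateMailslotSecurity();

        // Create the mailslot.
        hMailslot = NativeMethods.CreateMailslot(
            MailslotName,                           // The name of the mailslot
            0,                                      // No maximum message size
            NativeMethods.MAILSLOT_WAIT_FOREVER,    // Waits forever for a message
            sa                                      // Mailslot security attributes
            );

        if (hMailslot.IsInvalid)
        {
            throw new Win32Exception();
        }

        Console.WriteLine("The mailslot ({0}) is created.", MailslotName);

        // Check messages in the mailslot.
        while (true)
        {
            Console.Write("Press ENTER to check new messages or press Q to quit ...");
            string cmd = Console.ReadLine();

            // Console.ReadLine returns null once standard input is closed or
            // a redirected input reaches end-of-file. Treat that as a request
            // to quit instead of dereferencing null.
            if (cmd == null || cmd.Equals("Q", StringComparison.OrdinalIgnoreCase))
            {
                break;
            }

            Console.WriteLine("Checking new messages...");
            ReadMailslot(hMailslot);
        }
    }
    catch (Win32Exception ex)
    {
        Console.WriteLine("The server throws the error: {0}", ex.Message);
    }
    finally
    {
        // Release the mailslot handle whether or not an error occurred.
        if (hMailslot != null)
        {
            hMailslot.Close();
            hMailslot = null;
        }
    }
}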