/// <summary>
/// The CreateNativePipeSecurity function creates and initializes a new
/// SECURITY_ATTRIBUTES object to allow Authenticated Users read and
/// write access to a pipe, and to allow the Administrators group full
/// access to the pipe.
/// </summary>
/// <returns>
/// A SECURITY_ATTRIBUTES object that allows Authenticated Users read and
/// write access to a pipe, and allows the Administrators group full
/// access to the pipe.
/// </returns>
/// <see cref="http://msdn.microsoft.com/en-us/library/aa365600(VS.85).aspx"/>
private static SECURITY_ATTRIBUTES CreateNativePipeSecurity(string sddl)
{
if (!NativeMethod.ConvertStringSecurityDescriptorToSecurityDescriptor(
sddl, 1, out var pSecurityDescriptor, IntPtr.Zero))
{
throw new Win32Exception();
}
SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
sa.nLength = Marshal.SizeOf(sa);
sa.lpSecurityDescriptor = pSecurityDescriptor;
sa.bInheritHandle = false;
return(sa);
}
/// <summary>
/// CreateNativePipeSecurity creates and initializes a new SECURITY_ATTRIBUTES object to allow Authenticated Users read and
/// write access to a pipe, and to allow the Administrators group full access to the pipe. Windows only.
/// </summary>
/// <returns>
/// A SECURITY_ATTRIBUTES object that allows Authenticated Users read and write access to a pipe, and allows the Administrators group full access to the pipe.
/// </returns>
static SECURITY_ATTRIBUTES CreateNativePipeSecurity()
{
// Define the SDDL for the security descriptor.
string sddl = "D:" + // Discretionary ACL
"(A;OICI;GRGW;;;AU)" + // Allow read/write to authenticated users
"(A;OICI;GA;;;BA)"; // Allow full control to administrators
SafeLocalMemHandle pSecurityDescriptor = null;
if (!NativeMethod.ConvertStringSecurityDescriptorToSecurityDescriptor(sddl, 1, out pSecurityDescriptor, IntPtr.Zero))
{
throw new Win32Exception();
}
SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
sa.nLength = Marshal.SizeOf(sa);
sa.lpSecurityDescriptor = pSecurityDescriptor;
sa.bInheritHandle = false;
return(sa);
}
