在Windows Vista之前的系统(如Windows XP和2003等)中,Windows服务和应用程序使用相同的会话运行,即由第一个登录到控制台的用户启动的Session 0。一般系统服务的运行权限比应用程序高,在同一个会话中运行系统服务和用户应用程序会导致安全风险。于是,在Windows Vista以上的系统,如Win7中,对系统服务和一般应用程序进行了隔离,使得它们运行在不同的会话中。如系统服务运行在Session 0,而一般应用程序运行在Session 1。这样,虽然提高了安全性,对开发者来说也增加一定的麻烦,一些以前在xp下可以运行的程序可能在win7下运行不了。如何在高低权限的进程之间通信就是win7下一种很重要的技能了。下面主要介绍一下管道的方式:
Server端代码如下(Session 0):
//permission
SECURITY_ATTRIBUTES sa;
SECURITY_DESCRIPTOR sd;
BYTE aclBuffer[1024],sidBuffer[100];
PACL pacl = (PACL)&aclBuffer;//declare a ACL, length 1024
PSID psid = (PSID)&sidBuffer;//declare a SID,length 100
SID_NAME_USE snu;
DWORD sidBufferSize = 100, domainBufferSize = 80;
TCHAR domainBuffer[80];
InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION);
InitializeAcl(pacl,1024,ACL_REVISION);
LookupAccountName(0,_T("everyone"),psid,&sidBufferSize,domainBuffer,&domainBufferSize,&snu);
AddAccessAllowedAce(pacl,ACL_REVISION,GENERIC_ALL,psid);
SetSecurityDescriptorDacl(&sd,TRUE,pacl,FALSE);
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = &sd;
sa.bInheritHandle = FALSE;
HANDLE hPipe = NULL;
TCHAR buffer[MAX_PATH] = {0};
TCHAR* bRet = L"Return Result!";
DWORD cbBytesRead = 0;
hPipe = CreateNamedPipe(_T("\\\\.\\pipe\\SharePipe"),PIPE_ACCESS_DUPLEX,
PIPE_TYPE_BYTE|PIPE_READMODE_BYTE|PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,MAX_PATH,MAX_PATH,
NMPWAIT_USE_DEFAULT_WAIT,
&sa);
//if(hPipe = INVALID_HANDLE_VALUE)
//{
// printf("Could not create the pipe, last error: %d \n",GetLastError());
//}
while(1)
{
//connect to the pipe
printf("connecting...\n");
ConnectNamedPipe(hPipe,NULL);
ZeroMemory(buffer,MAX_PATH);
//read from the pipe
ReadFile(hPipe,buffer,MAX_PATH,&cbBytesRead,NULL);
//process the data from the pipe
wprintf(L"data Read from Pipe: %s (length = %d)\n",buffer,cbBytesRead);
//return the process result to the pipe
WriteFile(hPipe,bRet,2*wcslen(bRet),&cbBytesRead,NULL);
wprintf(L"data Written to Pipe: %s (length = %d)\n",bRet,cbBytesRead);
FlushFileBuffers(hPipe);
DisconnectNamedPipe(hPipe);
printf("disconnectted!\n");
}
Client端代码如下(Session 1):
TCHAR* buffer = L"the data to be sent!";
TCHAR bResult[MAX_PATH];
DWORD bReaded = 0;
DWORD cbWritten = 0;
HANDLE hPipe = NULL;
WaitNamedPipe(_T("\\\\.\\pipe\\SharePipe"),NMPWAIT_USE_DEFAULT_WAIT);
hPipe = CreateFile(_T("\\\\.\\pipe\\SharePipe"),GENERIC_READ|GENERIC_WRITE,
FILE_SHARE_READ,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_TEMPORARY,
NULL);
if(hPipe != INVALID_HANDLE_VALUE)
{
//write to the pipe
WriteFile(hPipe,buffer,2*wcslen(buffer),&cbWritten,NULL);
printf("lenofbuffer:%d, cbWritten:%d\n",2*wcslen(buffer),cbWritten);
ZeroMemory(bResult,MAX_PATH);
ReadFile(hPipe,&bResult,MAX_PATH,&bReaded,NULL);
wprintf(L"Pipe data: %s (%d) \n",bResult,bReaded);
CloseHandle(hPipe);
}
以上代码在Win7下测试通过。
推荐您阅读更多有关于“ 安全软件 ”的文章
请填写你的在线分享代码
评论列表: