How to CreateNamedPipe with FILE_CREATE_PIPE_INSTANCE access rights

[kalpesh]

i want to create a named pipe with FILE_CREATE_PIPE_INSTANCE access
rights.
for that i have to create one security discriptor but i dont which
type of secirity discriptor i use to cerate namaed pipe with
FILE_CREATE_PIPE_INSTANCE rights.

while creating security discriptor i dont want to use
ConvertStringSecurityDescriptorToSecurityDescriptor funciton because
i am going to build this code in DDK and DDK not support this
function.

so give me suggestion about security discriptor for
FILE_CREATE_PIPE_INSTANCE access rights..

Thanks in advance..
Kalpesh

 

[Andrew McLaren]

Hi Kalpesh,

Can you just call InitializeSecurityDescriptor() to create the descriptor?
Here's a code sample from T Kabilan, which I found on Google (there would be
hundreds more) ...

SECURITY_ATTRIBUTES m_pSecAttrib;
SECURITY_DESCRIPTOR* m_pSecDesc;

m_pSecDesc = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR,
SECURITY_DESCRIPTOR_MIN_LENGTH);

InitializeSecurityDescriptor(m_pSecDesc,
SECURITY_DESCRIPTOR_REVISION);

SetSecurityDescriptorDacl(m_pSecDesc,TRUE,(PACL)NULL,FALSE))

m_pSecAttrib.nLength = sizeof(SECURITY_ATTRIBUTES);
m_pSecAttrib.bInheritHandle = TRUE;
m_pSecAttrib.lpSecurityDescriptor = m_pSecDesc;

::CreateNamedPipe(PIPE_NAME,
PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED,
PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
32768,
32768,
NMPWAIT_USE_DEFAULT_WAIT,
&m_pSecAttrib);

What you'd need to add to this sample is an AddAccessAllowedAce(), between
InitializeSecurityDescriptor() and SetSecurityDescriptorDacl(), which you'd
use to add the FILE_CREATE_PIPE_INSTANCE ACE. I'd write the code for you,
but ... that costs $200p/h Warning, though - I've never tried this from
the DDK.

Hope this helps a bit,
Andrew