Re: Connect a pipe from asynchronous pluggable protocol?

"Bill Holt" <mailbill(NOSPAM)@21cn.com.nospam> wrote in message
news:CB6C387F-2701-4F15-BA60-7C0DBD3C4BFD@xxxxxxxxxxxxxxxx
I don't have any problems creating the server pipe. And I created a test
client program to make sure that the pipe server/client model is working
correctly.

But I ran into some problem when using the APP to connect. CreateFile
keeps failing. GetLastError() returns 5, which means access denied. I
suppose it's because I called CreateNamedPipe with NULL as security
attribute. I'm wondering what account is APP working under. And I'm using
multi-threads that is created with NULL as security too, is that related?
How do I setup the security attribute to allow connect from APP? Or is
there anything else I should be aware of?

If you specify NULL for the security attributes structure then the pipe is
accessible to clients running under the same account as the one used by the
server to create the pipe. Now, if your server runs as a service under the
local system account then you have a problem accessing it from an
interactive session.

How to you want to secure access to access the pipe? If any authenticated
user is fine then what you do initialize a security descriptor and set a
null discretionary access control list (DACL) into it as I did here:

http://groups.google.com/group/microsoft.public.vc.language/browse_thread/thread/1d52884432bf3715/bec904491174795f?hl=en&lnk=st&q=#bec904491174795f

If you want to do something more clever, I have a video tutorial on
discretionary access control lists. I'd like to give you a direct link,
instead go here,

http://www.microsoft.com/click/hellosecureworld/default.mspx

skip the intro, clock the "movie time" button and choose the DACL video

Regards,
Will


.