命名管道客户端在调用UnauthorizedAccessException时抛出SetAccessControl
命名管道客户端在调用UnauthorizedAccessException时抛出SetAccessControl
提问于 2015-01-19 07:41:11
我正在尝试用c#编写命名管道客户端,但是当调用SetAccessControl()时,我会得到SetAccessControl()。
{System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.
at System.Security.AccessControl.Win32.SetSecurityInfo(ResourceType type, String name, SafeHandle handle, SecurityInfos securityInformation, SecurityIdentifier owner, SecurityIdentifier group, GenericAcl sacl, GenericAcl dacl)
at System.Security.AccessControl.NativeObjectSecurity.Persist(String name, SafeHandle handle, AccessControlSections includeSections, Object exceptionContext)
at System.Security.AccessControl.NativeObjectSecurity.Persist(SafeHandle handle, AccessControlSections includeSections)
at System.IO.Pipes.PipeSecurity.Persist(SafeHandle handle)
at NamePipeEx.Program.Main(String[] args) in c:\Users\zangw\Documents\Visual Studio 2013\Projects\NamePipeEx\NamePipeEx\Program.cs:line 27
at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()}这是我的密码
PipeAccessRule pr = new PipeAccessRule("Everyone", PipeAccessRights.ReadWrite, System.Security.AccessControl.AccessControlType.Allow);
PipeSecurity ps = new PipeSecurity();
ps.AddAccessRule(pr);
var client = new NamedPipeClientStream(".", "logpipe", PipeDirection.In, PipeOptions.WriteThrough);
// connect to the server
client.Connect();
client.SetAccessControl(ps);
client.ReadMode = PipeTransmissionMode.Message;请帮我找出我密码的失效原因。
编辑在C++中添加命名管道服务器代码
HANDLE hPipe;
LPTSTR lpPipeName = TEXT("\\\\.\\pipe\\logpipe");
// try to open a named pipe
hPipe = CreateNamedPipe(lpPipeName, PIPE_ACCESS_DUPLEX, PIPE_TYPE_MESSAGE|PIPE_READMODE_MESSAGE|PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES, 2048, 2048, NMPWAIT_USE_DEFAULT_WAIT, NULL);
if (hPipe == INVALID_HANDLE_VALUE){
printf("Pipe handler error");
//return -1;
}
if (!ConnectNamedPipe(hPipe, NULL)){
if (GetLastError() != ERROR_PIPE_CONNECTED){
printf("FAILED to connect ");
}
}
printf("Client named pipe connected...");
// send message to named pipe
LPTSTR msg = TEXT("Default message from server...\r\n");
DWORD cbToWrite = lstrlen(msg) + 1;
while (true){
DWORD cbWritten = 0;
bool fSuccess = WriteFile(hPipe, msg, cbToWrite, &cbWritten, NULL);
if (!fSuccess)
printf("Failed to writefile pipe");
}回答 3
Stack Overflow用户
发布于 2015-01-19 08:14:10
因为使用默认的安全描述符,只有管理员或系统用户才能连接到管道。
命名管道的默认安全描述符中的ACL将完全控制授予LocalSystem帐户、管理员和创建者所有者。他们还允许每个人小组的成员和匿名帐户的成员阅读。换句话说,使用NULL作为安全属性,命名管道不能通过网络使用写权限连接,也不能从作为较低完整性级别运行的本地客户端连接。
要授予每个人对服务器的所有访问权限(不仅仅是连接访问权限),您需要填充安全属性。
Stack Overflow用户
发布于 2015-01-19 09:02:59
当使用NamedPipeClientStream的另一个带有PipeAccessRights的构造函数时,我会解决这个问题。
var client = new NamedPipeClientStream(".", "logpipe", PipeAccessRights.FullControl,
PipeOptions.WriteThrough, System.Security.Principal.TokenImpersonationLevel.None, HandleInheritability.None);Stack Overflow用户
发布于 2016-10-06 20:21:03
我也有类似的问题:
System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.当我的服务器将管道方向定义为PipeDirection.In,而我的客户机也用PipeDirection.In定义管道方向时(其中一个必须是PipeDirection.Out,或者如果两者都需要读/写,则使用PipeDirection.InOut)。
我之所以回答这个问题,是因为UnauthorizedAccessException并不总是针对安全问题,也许可以帮助其他人。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/28019923
复制相关文章
相似问题
腾讯云开发者
