File Mapping problem In Win7/vista

See more:

VC8.0

C++

Windows

Win7

I have a program using File Mapping to do Inter-Process Communication。 I have two processes。
On Win7， process A creates Process B. B is a lower integrity process。A launches B using CreateLowProcess().

BOOL CreateLowProcess(CString csCmd)
{
  BOOL bRet = FALSE;
  HANDLE hToken = NULL;
  HANDLE hNewToken = NULL;

  // Low integrity SID
  WCHAR wszIntegritySid[20] = L"S-1-16-4096";
  PSID pIntegritySid = NULL;

  TOKEN_MANDATORY_LABEL TIL = {0};
  PROCESS_INFORMATION ProcInfo = {0};
  STARTUPINFO StartupInfo = {0};
  ULONG ExitCode = 0;

  if (OpenProcessToken(GetCurrentProcess(),MAXIMUM_ALLOWED, &hToken))
  {
  if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL,
  SecurityImpersonation, TokenPrimary, &hNewToken))
  {
  if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
  {
  TIL.Label.Attributes = SE_GROUP_INTEGRITY;
  TIL.Label.Sid = pIntegritySid;

  // Set the process integrity level
  if (SetTokenInformation(hNewToken, (TOKEN_INFORMATION_CLASS)TokenIntegrityLevel, &TIL,
  sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
  {
  // Create the new process at Low integrity
  bRet = CreateProcessAsUser(hNewToken, NULL,
  csCmd.GetBuffer(),NULL, NULL, FALSE,
  0, NULL, NULL, &StartupInfo, &ProcInfo);
  }

  LocalFree(pIntegritySid);
  }
  CloseHandle(hNewToken);
  }
  CloseHandle(hToken);
  }
  return bRet;
}OOL CreateLowProcess(CString csCmd)
{
  BOOL bRet = FALSE;
  HANDLE hToken = NULL;
  HANDLE hNewToken = NULL;

  // Low integrity SID
  WCHAR wszIntegritySid[20] = L"S-1-16-4096";
  PSID pIntegritySid = NULL;

  TOKEN_MANDATORY_LABEL TIL = {0};
  PROCESS_INFORMATION ProcInfo = {0};
  STARTUPINFO StartupInfo = {0};
  ULONG ExitCode = 0;

  if (OpenProcessToken(GetCurrentProcess(),MAXIMUM_ALLOWED, &hToken))
  {
  if (DuplicateTokenEx(hToken, MAXIMUM_ALLOWED, NULL,
  SecurityImpersonation, TokenPrimary, &hNewToken))
  {
  if (ConvertStringSidToSid(wszIntegritySid, &pIntegritySid))
  {
  TIL.Label.Attributes = SE_GROUP_INTEGRITY;
  TIL.Label.Sid = pIntegritySid;

  // Set the process integrity level
  if (SetTokenInformation(hNewToken, (TOKEN_INFORMATION_CLASS)TokenIntegrityLevel, &TIL,
  sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
  {
  // Create the new process at Low integrity
  bRet = CreateProcessAsUser(hNewToken, NULL,
  csCmd.GetBuffer(),NULL, NULL, FALSE,
  0, NULL, NULL, &StartupInfo, &ProcInfo);
  }

  LocalFree(pIntegritySid);
  }
  CloseHandle(hNewToken);
  }
  CloseHandle(hToken);
  }
  return bRet;
} 

The Process A creates a File Mapping

SECURITY_DESCRIPTOR* pSecDesc = NULL;

	pSecDesc = (SECURITY_DESCRIPTOR*)LocalAlloc(LPTR,
		SECURITY_DESCRIPTOR_MIN_LENGTH);

	InitializeSecurityDescriptor(pSecDesc,
		SECURITY_DESCRIPTOR_REVISION);

	SetSecurityDescriptorDacl(pSecDesc,TRUE,(PACL)NULL,FALSE);

	LPTSTR buffer = NULL;
	DWORD dwLong;
	BOOL bSuc = ConvertSecurityDescriptorToStringSecurityDescriptor(
		pSecDesc,
		SDDL_REVISION_1,
		OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION | 0x00000010L , 
		&buffer,
		&dwLong);

        SECURITY_ATTRIBUTES  sa;
        sa.nLength = sizeof(SECURITY_ATTRIBUTES);
        sa.bInheritHandle = FALSE; 
        sa.lpSecurityDescriptor = pSecDesc;
	
        m_hMapFile = CreateFileMapping(
        	NULL,
        	&sa,
        	PAGE_READWRITE,
        	0,
        	nSize,
        	csShareMemName
        	);

But Process B can't get the write access to the File Mapping.

What's the problem?
I need your help.

my email is langziwuwu@hotmail.com