Click here to Skip to main content
15,867,568 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hey there, everyone.
While workin on my app i stuck with quite a problem: Application consists of two parts. Service and GUI. GUI while finishing work with data needs to set named global event into alerted state but it does not for some reason. Named Global Event is created by Service. And everything looks fine(no errors during creation)
Event at first was created with default SECURITY_ATTRIBUTES. But when i try openning Event from GUI application a recieve error 5 (ERROR_ACCESS_DENIED).
Then i tried with filled SECURITY_ATTRIBUTES structure and now i get error 2 (ERROR_FILE_NOT_FOUND).
Service part:
C++
#define UI_ACTION_EVENT L"Global\\APPLICATION_GLOBAL_EVENT"

  DWORD dwRes;
  SECURITY_ATTRIBUTES sa;
  PSECURITY_DESCRIPTOR pSD = NULL;
  SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
  PACL pAcl = NULL;
  PSID pEveryoneSID = NULL;
  EXPLICIT_ACCESS ea[1];
  //Creation of SID for the Everyone group
  if(!AllocateAndInitializeSid(
    &SIDAuthWorld,   //PSID_IDENTIFIER_AUTHORITY
    1,               //nSubAuthorityCount
    SECURITY_WORLD_RID,     //nSubAuthority0
    0, 0, 0, 0, 0, 0, 0,    //Not used subAuthorities.
    &pEveryoneSID))         //Callback argument that recieves pointer to the allocated and initialized SID structure
  {
    LogMakeRecord(L"AllocateAndInitializeSid() Error.");
  }

  //Filling in EXPLICIT_ACCESS structure. Everyone's group members will have all the permissions on event.
  ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  ea[0].grfAccessPermissions = EVENT_ALL_ACCESS;
  ea[0].grfAccessMode = SET_ACCESS;
  ea[0].grfInheritance = NO_INHERITANCE;
  ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
  //ea[0].Trustee.TrusteeType = TRUSTEE_IS_GROUP;
  ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
  ea[0].Trustee.ptstrName = (LPTSTR)pEveryoneSID;

  //Creation of new ACL that contains the new ACE.
  dwRes = SetEntriesInAcl(1, ea, NULL, &pAcl);
  if(dwRes != ERROR_SUCCESS)
  {
    LogMakeRecord(L"SetEntriesInAcl() Error.");
  }

  //Security Descriptor initialization
  pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  if (pSD == NULL)
  {
    LogMakeRecord(L"LocalAlloc() Error.");
  }

  if(!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION))
  {
    LogMakeRecord(L"InitializeSecurityDescriptor() Error.");
  }
  
  //Adding ACL to Security Descriptor.
  if(!SetSecurityDescriptorDacl(pSD, TRUE, pAcl, FALSE))
  {
    LogMakeRecord(L"SetSecurityDescriptorDacl() Error.");
  }
  
  //Initialize Security Attributes structure.
  sa.nLength = sizeof(SECURITY_ATTRIBUTES);
  sa.lpSecurityDescriptor = pSD;
  sa.bInheritHandle = FALSE;

  
  HANDLE hUIActionEvent = CreateEvent(&sa, TRUE, FALSE, UI_ACTION_EVENT);


GUI part:
C++
#define UI_ACTION_EVENT L"Global\\APPLICATION_GLOBAL_EVENT"

HANDLE uiEvent = OpenEvent(EVENT_MODIFY_STATE, FALSE, UI_ACTION_EVENT);
  if (uiEvent != NULL)
  {
    if (SetEvent(uiEvent) == 0)
    {
      ASSERT(FALSE);
      #ifdef _DEBUG
      DWORD error = GetLastError();
      error = error;
      #endif
    }
  }
  else
  {
    #ifdef _DEBUG
    DWORD error = GetLastError();
    error = error;
    #endif
  }


The goal is: to make global event accessible to EveryOne group on pc.
I've tried searching similar posts on the internet but had no luck with it.
Looking forward to hearing from ya guys.
Posted
Comments
Marius Bancila 29-Jan-13 3:53am    
Your service and application, are they running under the same accounts, or not? Do they have the same level of access?
Alexey Loire 29-Jan-13 3:57am    
no. Service is under LocalSystem account while GUI can be under any account on PC.
In example i tried to give Everyone group full access rights on this event
Garth J Lancaster 29-Jan-13 4:34am    
see if there's anything here than can help >> http://www.codeproject.com/Articles/36581/Interaction-between-services-and-applications-at-u
Alexey Loire 29-Jan-13 5:02am    
no glues still -.-
I think that something wrong with part that is dedicated to creation of ACL.
I used EVENT_ALL_ACCESS but not sure that that's exact value.
There's not a single error while creating ACL, forming DACL and Creating Event with such a SECURITY_ATTRIBUTES structure. I can see my Event in the sysinternals procmon but for some reason gui app can't open event at all.
Garth J Lancaster 29-Jan-13 5:19am    
what happens if you use a null acl - doesnt that effectively translate to 'give everyone permissions' to the object ?

Just managed to solve my problem via using SPECIFIC_RIGHTS_ALL | STANDARD_RIGHTS_ALL flags in grfAccessPermissions which can be found in EXPLICIT_ACCESS structure.
EVENT_ALL_ACCESS - didn't work for some reason ;(

Sorrowfully there's not a single manual that describes what values does this field can have.... -.-
 
Share this answer
 
Comments
Garth J Lancaster 31-Jan-13 20:37pm    
Cool - glad you got it sorted out
Alexey Loire 1-Feb-13 0:26am    
tnx^_^
Lars Rådman 28-Apr-14 8:48am    
Thanks, helped me out too!
I have two exe's on different user accounts on the same PC that need to communicate with eachother.
Code-o-mat 3-Jun-14 4:42am    
5 points for solving your problem and letting us know. Thanks. :)
try this methode for generating Security Attributes structure
C++
//
//anyone access (for service - application communication)
//
PSECURITY_DESCRIPTOR    m_pSD;
SECURITY_ATTRIBUTES m_sa;

m_pSD = NULL;
m_sa.nLength = sizeof(m_sa);
m_sa.lpSecurityDescriptor = NULL;
m_sa.bInheritHandle = TRUE;

m_pSD = (PSECURITY_DESCRIPTOR) malloc( SECURITY_DESCRIPTOR_MIN_LENGTH );

if ( m_pSD )
{
    if ( InitializeSecurityDescriptor(m_pSD, SECURITY_DESCRIPTOR_REVISION) )
    {
        // add a NULL disc. ACL to the security descriptor.
        if ( SetSecurityDescriptorDacl(m_pSD, TRUE, (PACL) NULL, FALSE) )
        {
            m_sa.nLength = sizeof(m_sa);
            m_sa.lpSecurityDescriptor = m_pSD;
            m_sa.bInheritHandle = TRUE;
        }
    }
}

HANDLE hUIActionEvent = ::CreateEvent(&m_sa, TRUE, FALSE, UI_ACTION_EVENT);

if ( m_pSD )
    free(m_pSD);


This work for me.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900