Thema: Delphi Named Pipes zwischen Service und eingeschränktem Programm

Einzelnen Beitrag anzeigen

Fridolin Walther

Registriert seit: 11. Mai 2008
Ort: Kühlungsborn
446 Beiträge
 
Delphi 2009 Professional
 
#11

Re: Named Pipes zwischen Service und eingeschränktem Program

  Alt 30. Aug 2008, 14:13
zusammenfalten · markieren
Delphi-Quellcode:
program pipeserver;

{$APPTYPE CONSOLE}

uses
  jwawinbase, jwawintype, jwawinnt, jwaaccctrl, jwaaclapi, jwawinerror, sysutils;

function InstanceThread(PipeHandle : dword) : dword; stdcall;
var
  Value : dword;
  tmp : dword;
begin
  result := 0;

  ReadFile(PipeHandle, @Value, 4, @tmp, nil);
  WriteFile(PipeHandle, @Value, 4, @tmp, nil);

  FlushFileBuffers(PipeHandle);
  DisconnectNamedPipe(PipeHandle);
  CloseHandle(PipeHandle);
end;

function ServerThread(unused : dword) : dword; stdcall;
const
  BUFSIZE = 4;
var
  PipeHandle : dword;
  Connected : boolean;
  SA : LPSECURITY_ATTRIBUTES;
  ACL : PACL;
  Group : TRUSTEE;
  EA : PEXPLICIT_ACCESS;
  SD : PSECURITY_DESCRIPTOR;
  ACL_SIZE : ACL_SIZE_INFORMATION;
  tmp : dword;
begin
  Group.MultipleTrusteeOperation := NO_MULTIPLE_TRUSTEE;
  Group.pMultipleTrustee := nil;
  Group.ptstrName := 'Jeder';
  Group.TrusteeForm := TRUSTEE_IS_NAME;
  Group.TrusteeType := TRUSTEE_IS_GROUP;

  new(EA);
  EA^.grfAccessMode := GRANT_ACCESS;
  EA^.grfAccessPermissions := GENERIC_READ or GENERIC_WRITE;
  EA^.grfInheritance := NO_INHERITANCE;
  EA^.Trustee := group;

  SetEntriesInAcl(1, EA, nil, ACL);
  GetAclInformation(ACL, @ACL_SIZE, sizeof(ACL_SIZE), AclSizeInformation);
  getmem(SD, SECURITY_DESCRIPTOR_MIN_LENGTH + ACL_SIZE.AclBytesFree + ACL_SIZE.AclBytesInUse);
  InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION);
  SetSecurityDescriptorDacl(sd, TRUE, ACL, FALSE);

  new(SA);
  sa^.bInheritHandle := FALSE;
  sa^.lpSecurityDescriptor := sd;
  sa^.nLength := sizeof(sa);

  while true do
    begin
      PipeHandle := CreateNamedPipeW('\\.\pipe\demopipe', PIPE_ACCESS_DUPLEX,
                                     PIPE_TYPE_MESSAGE or PIPE_READMODE_MESSAGE or
                                     PIPE_WAIT, PIPE_UNLIMITED_INSTANCES, BUFSIZE,
                                     BUFSIZE, INFINITE, SA);

      if PipeHandle = INVALID_HANDLE_VALUE then
        begin
          sleep(100);
          continue;
        end;

      Connected := ConnectNamedPipe(PipeHandle, nil)
                   or (GetLastError = ERROR_PIPE_CONNECTED);

      if Connected then
        begin
          tmp := CreateThread(nil, 0, @InstanceThread,
                                       Pointer(PipeHandle), 0, nil);
          if tmp = 0 then
            begin
              DisconnectNamedPipe(PipeHandle);
              CloseHandle(PipeHandle);
              continue;
            end else
              CloseHandle(tmp);
        end else
          CloseHandle(PipeHandle);
  end;

  LocalFree(cardinal(ACL));
  freemem(SD);
  dispose(EA);
end;

var
  tmp : dword;
begin
  write('Starting ServerThread: ');
  tmp := CreateThread(nil, 0, @ServerThread, nil, 0, nil);
  writeln(tmp <> 0);
  CloseHandle(tmp);
  readln;
end.
Ist ein kleiner Pipe Server, der eine Pipe mit einer DACL die Jedem im System explizit Lese und Schreibrechte erlaubt erstellt.
Fridolin Walther
  Mit Zitat antworten Zitat