
Windows: setting security attributes at process-level granularity


Background: I have a Windows service that works in the background (obviously), and uses a utility program to perform a certain interactive task and send back the data to the service over a named pipe. The utility program runs whenever the service sees fit, and lives only for a few seconds.

The problem begins in Vista where the program could not freely open the named pipe for write access anymore (see Windows Service Hardening).

I plan to solve the problem by creating the named pipe with security attributes that grant write access to the currently logged-in user under whose context the program is started, but a question arose in my mind: could I allow access to that named pipe to only the process, using its (or its thread's) handle?

Or to put it differently: can Windows' (Vista/7/later) security mechanism go down to process-level granularity?

I'm a novice in that area and the docs about security are giving me quite a headache, so any enlightenment is welcome.

Thanks in advance.


Solution

  • You can't secure an object via process id (because processes are not security principals), but you can use GetNamedPipeClientProcessId after the connection is established, and fail all requests if the process id is not one you like.
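
The check described in the answer, as an added example that is not part of the original post: the service accepts a pipe connection, asks for the client's process id, and disconnects anything that is not the helper it launched. The function names `pipe_client_allowed` and `accept_only_helper` are hypothetical, and the pipe is assumed to be already created and the helper already started, so that its `PROCESS_INFORMATION` is available.

```c
/* Added example; pipe_client_allowed and accept_only_helper are hypothetical names. */
#ifdef _WIN32
#include <windows.h>
#else
typedef unsigned long DWORD;  /* lets the policy function build off Windows */
#endif

/* Fail closed: allow only when the PID query succeeded and the PID matches
 * the helper the service started itself. */
int pipe_client_allowed(int pid_query_ok, DWORD client_pid, DWORD helper_pid)
{
    if (!pid_query_ok || helper_pid == 0)
        return 0;
    return client_pid == helper_pid;
}

#ifdef _WIN32
/* Wait for one client on an already-created pipe instance and keep the
 * connection only if the peer is the helper described by `helper`
 * (the PROCESS_INFORMATION filled in when the service launched it).
 * Keep helper->hProcess open until this returns: while a handle to the
 * process object is open, its PID is not handed to another process. */
BOOL accept_only_helper(HANDLE pipe, const PROCESS_INFORMATION *helper)
{
    ULONG client_pid = 0;
    BOOL got_pid;

    /* ERROR_PIPE_CONNECTED means the client connected before we listened. */
    if (!ConnectNamedPipe(pipe, NULL) &&
        GetLastError() != ERROR_PIPE_CONNECTED)
        return FALSE;

    got_pid = GetNamedPipeClientProcessId(pipe, &client_pid);
    if (!pipe_client_allowed(got_pid != FALSE, client_pid,
                             helper->dwProcessId)) {
        DisconnectNamedPipe(pipe);  /* drop the stranger; caller may re-listen */
        return FALSE;
    }
    return TRUE;  /* caller may now ReadFile from the pipe */
}
#endif
```

The pipe's DACL still has to let the logged-in user open it for writing, as the question plans; the PID comparison is an application-level filter applied after that ACL check, not a replacement for it.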