Creating and opening securable objects

In earlier versions of Windows, it was possible to open and read (though not necessarily write) many temporary objects by passing NULL parameter values to the relevant function. Starting with Windows 8, this is no longer possible because AppContainer isolation restricts all access by default. To gain access to a securable object (read, write, or otherwise), you need to pass appropriate parameter values when opening handles to those resources. Use these examples to do so..

Creating and opening objects

Windows contains a number of different objects that require handles. This section shows how to create and open object handles for many common objects.

Creating and opening events

This example shows how to create and open a named event that supports the Internet Explorer AppContainer:


// Create an Event
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoCreateEvent(_In_ LPVARIANT pvarName)
{
    m_hEvent = CreateEventW(nullptr, FALSE, FALSE, V_BSTR(pvarName));
    if (m_hEvent != nullptr)
    {
        hr = SetKernelHandleAppContainer(m_hEvent, SYNCHRONIZE | EVENT_MODIFY_STATE);
}
// ...
}

// Open an Event
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoOpenEvent(_In_ LPVARIANT pvarName)
{
    m_hEvent = OpenEventW(SYNCHRONIZE | EVENT_MODIFY_STATE, FALSE, V_BSTR(pvarName));
// ...
}

Creating and opening mutexes

This example shows how to create and open a mutex that supports the IE AppContainer:


//Create a mutex
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoCreateMutex(_In_ LPVARIANT pvarName)
{
    m_hMutex = CreateMutexW(nullptr, FALSE, V_BSTR(pvarName),);
    if (m_hMutex != nullptr)
    {
        hr = SetKernelHandleAppContainer(m_hMutex, SYNCHRONIZE | MUTEX_MODIFY_STATE);
}
// ...
}

// Open a Mutex
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoOpenMutex(_In_ LPVARIANT pvarName)
{
    m_hMutex = OpenMutexW(SYNCHRONIZE | MUTEX_MODIFY_STATE, FALSE, V_BSTR(pvarName));
// ...
}

Creating and opening semaphors

Here's how to create and open a semaphor that supports the IE AppContainer:


// Create a Semaphore
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoCreateSemaphore(_In_ LPVARIANT pvarName)
{
m_hSemaphore = CreateSemaphoreW(nullptr, 0, 10, V_BSTR(pvarName));
if (m_hSemaphore != nullptr)
{
        hr = SetKernelHandleAppContainer(m_hSemaphore, SYNCHRONIZE | SEMAPHORE_MODIFY_STATE);
    }
// ...
}

// Open a Semaphore
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoOpenSemaphore(_In_ LPVARIANT pvarName)
{
    m_hSemaphore = OpenSemaphoreW(SYNCHRONIZE | SEMAPHORE_MODIFY_STATE, FALSE, V_BSTR(pvarName));
// ...
}


Creating and opening named pipes

This example shows how to create and open a named pipe that supports the IE AppContainer.


// Create a Named Pipe
// Input VARIANT depends on the context of the named pipe; 
// see remarks following the example for details.
STDMETHODIMP DemoCreateNamedPipe(_In_ LPVARIANT pvarName)
{
// ...
    LPSECURITY_ATTRIBUTES lpSecurityAttributes = nullptr;
    m_hPipe = CreateNamedPipeW(V_BSTR(pvarName), dwOpenMode, dwPipeMode, dwMaxInstances, dwOutBufferSize, dwInBufferSize, dwDefaultTimeOut, lpSecurityAttributes);
    if (m_hPipe != INVALID_HANDLE_VALUE)
    {
        DWORD dwAccessMask = GENERIC_READ | GENERIC_WRITE;
        hr = SetFileHandleAppContainer(m_hPipe, dwAccessMask);
}
// ...
}

// Open a Named Pipe
// Input VARIANT depends on the context of the named pipe; 
// see remarks following the example for details.
STDMETHODIMP DemoOpenNamedPipe(_In_ LPVARIANT pvarPipeName)
{
    HRESULT hr = E_INVALIDARG;
    m_hPipe = CreateFileW(
        V_BSTR(pvarName),
        (FILE_GENERIC_READ | FILE_GENERIC_WRITE),
        0, nullptr, OPEN_EXISTING, 0, nullptr);
if (m_hPipe == INVALID_HANDLE_VALUE)
// ...
}


In this example, the value of the input VARIANT varies:

Creating and opening shared memory structures

Here's how to create and open a shared memory structure that supports the IE AppContainer:


// Create a Shared Memory segment
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoCreateSharedMemory(_In_ LPVARIANT pvarName)
{
    HANDLE hTemp = CreateFileMappingW(
        INVALID_HANDLE_VALUE, // Use pagefile
        nullptr,
        PAGE_READWRITE,
        0,
        dwByteCount,
        V_BSTR(pvarName));

    if (hTemp != nullptr)
    {
        hr = SetKernelHandleAppContainer(hTemp, FILE_MAP_READ | FILE_MAP_WRITE);
    }
// ...
}

// Open a Shared Memory segment
// Input VARIANT is in form PRIVATENAMESPACE\ObjectName
STDMETHODIMP DemoOpenSharedMemory(_In_ LPVARIANT pvarName)
{
    DWORD dwAccessMask = FILE_MAP_READ | FILE_MAP_WRITE;
    BOOL fInherit = FALSE;
    HANDLE hSM = OpenFileMappingW(dwAccessMask, fInherit, V_BSTR(pvarName));
// ...
}


Note  These examples use private functions (SetKernelHandleAppContainer and SetFileHandleAppContainer) to add an appropriate ACE to the DACL and to call AddMandatoryAce to adjust the integrity level of the handle to low integrity. The samples show flag values appropriate for the objects being updated.

Related topics

Enhanced protected mode (EPM) may be enabled on the desktop
Supporting enhanced protected mode (EPM)
Granting resource access to AppContainers
Determining integrity level and isolation

 

 

Show:
© 2014 Microsoft