Creating and opening securable objects
In earlier versions of Windows, it was possible to open and read (though not necessarily write) many temporary objects by passing NULL parameter values to the relevant function. Starting with Windows 8, this is no longer possible because AppContainer isolation restricts all access by default. To gain access to a securable object (read, write, or otherwise), you need to pass appropriate parameter values when opening handles to those resources. Use these examples to do so..
Creating and opening objects
Windows contains a number of different objects that require handles. This section shows how to create and open object handles for many common objects.
Creating and opening events
This example shows how to create and open a named event that supports the Internet Explorer AppContainer:
// Create an Event // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoCreateEvent(_In_ LPVARIANT pvarName) { m_hEvent = CreateEventW(nullptr, FALSE, FALSE, V_BSTR(pvarName)); if (m_hEvent != nullptr) { hr = SetKernelHandleAppContainer(m_hEvent, SYNCHRONIZE | EVENT_MODIFY_STATE); } // ... } // Open an Event // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoOpenEvent(_In_ LPVARIANT pvarName) { m_hEvent = OpenEventW(SYNCHRONIZE | EVENT_MODIFY_STATE, FALSE, V_BSTR(pvarName)); // ... }
Creating and opening mutexes
This example shows how to create and open a mutex that supports the IE AppContainer:
//Create a mutex // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoCreateMutex(_In_ LPVARIANT pvarName) { m_hMutex = CreateMutexW(nullptr, FALSE, V_BSTR(pvarName),); if (m_hMutex != nullptr) { hr = SetKernelHandleAppContainer(m_hMutex, SYNCHRONIZE | MUTEX_MODIFY_STATE); } // ... } // Open a Mutex // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoOpenMutex(_In_ LPVARIANT pvarName) { m_hMutex = OpenMutexW(SYNCHRONIZE | MUTEX_MODIFY_STATE, FALSE, V_BSTR(pvarName)); // ... }
Creating and opening semaphors
Here's how to create and open a semaphor that supports the IE AppContainer:
// Create a Semaphore // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoCreateSemaphore(_In_ LPVARIANT pvarName) { m_hSemaphore = CreateSemaphoreW(nullptr, 0, 10, V_BSTR(pvarName)); if (m_hSemaphore != nullptr) { hr = SetKernelHandleAppContainer(m_hSemaphore, SYNCHRONIZE | SEMAPHORE_MODIFY_STATE); } // ... } // Open a Semaphore // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoOpenSemaphore(_In_ LPVARIANT pvarName) { m_hSemaphore = OpenSemaphoreW(SYNCHRONIZE | SEMAPHORE_MODIFY_STATE, FALSE, V_BSTR(pvarName)); // ... }
Creating and opening named pipes
This example shows how to create and open a named pipe that supports the IE AppContainer.
// Create a Named Pipe // Input VARIANT depends on the context of the named pipe; // see remarks following the example for details. STDMETHODIMP DemoCreateNamedPipe(_In_ LPVARIANT pvarName) { // ... LPSECURITY_ATTRIBUTES lpSecurityAttributes = nullptr; m_hPipe = CreateNamedPipeW(V_BSTR(pvarName), dwOpenMode, dwPipeMode, dwMaxInstances, dwOutBufferSize, dwInBufferSize, dwDefaultTimeOut, lpSecurityAttributes); if (m_hPipe != INVALID_HANDLE_VALUE) { DWORD dwAccessMask = GENERIC_READ | GENERIC_WRITE; hr = SetFileHandleAppContainer(m_hPipe, dwAccessMask); } // ... } // Open a Named Pipe // Input VARIANT depends on the context of the named pipe; // see remarks following the example for details. STDMETHODIMP DemoOpenNamedPipe(_In_ LPVARIANT pvarPipeName) { HRESULT hr = E_INVALIDARG; m_hPipe = CreateFileW( V_BSTR(pvarName), (FILE_GENERIC_READ | FILE_GENERIC_WRITE), 0, nullptr, OPEN_EXISTING, 0, nullptr); if (m_hPipe == INVALID_HANDLE_VALUE) // ... }
In this example, the value of the input VARIANT varies:
-
For named pipes in non-AppContainer processes, the name is similar to "\\.\pipe\name".
-
For AppContainer processes, the path depends on the session ID and the AppContainer SID.
-
Use the TokenSessionId enumeration value with GetTokenInformation to get the session number.
-
Use the TokenAppContainerSid enumeration value with GetTokenInformation to obtain the SID.
-
When you have both values, call GetAppContainerNamedObjectPath.
The resulting name should be in the form "\\.\pipe\Sessions\SessionNumber\AppContainerNamedObjectPath\name".
-
Creating and opening shared memory structures
Here's how to create and open a shared memory structure that supports the IE AppContainer:
// Create a Shared Memory segment // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoCreateSharedMemory(_In_ LPVARIANT pvarName) { HANDLE hTemp = CreateFileMappingW( INVALID_HANDLE_VALUE, // Use pagefile nullptr, PAGE_READWRITE, 0, dwByteCount, V_BSTR(pvarName)); if (hTemp != nullptr) { hr = SetKernelHandleAppContainer(hTemp, FILE_MAP_READ | FILE_MAP_WRITE); } // ... } // Open a Shared Memory segment // Input VARIANT is in form PRIVATENAMESPACE\ObjectName STDMETHODIMP DemoOpenSharedMemory(_In_ LPVARIANT pvarName) { DWORD dwAccessMask = FILE_MAP_READ | FILE_MAP_WRITE; BOOL fInherit = FALSE; HANDLE hSM = OpenFileMappingW(dwAccessMask, fInherit, V_BSTR(pvarName)); // ... }
Related topics
- Enhanced protected mode (EPM) may be enabled on the desktop
- Supporting enhanced protected mode (EPM)
- Granting resource access to AppContainers
- Determining integrity level and isolation