问题描述
我正在尝试为Internet Explorer 11(Windows 8.1)编写BHO。
我的BHO实现了AppContainer沙箱,但我似乎无法创建命名管道, CreateNamedPipe 失败并显示该消息:访问权限是拒绝。
I'm trying to write a BHO for Internet Explorer 11 (Windows 8.1).My BHO implements the AppContainer sandbox, but I can't seem to create a Named Pipe, CreateNamedPipe fails with that message: Access is denied.
这是我用来创建命名管道的代码(我在,最后评论:
Here's the code I'm using to create the named pipe (which I found on a russian website, last comment:
LPCWSTR LOW_INTEGRITY_SDDL_SACL_W = L"S:(ML;;NW;;;LW)D:(A;;0x120083;;;WD)(A;;0x120083;;;AC)";
PSECURITY_DESCRIPTOR pSD = NULL;
ConvertStringSecurityDescriptorToSecurityDescriptorW (
LOW_INTEGRITY_SDDL_SACL_W,
SDDL_REVISION_1,
&pSD,
NULL );
if ( pSD != NULL)
{
SECURITY_ATTRIBUTES SecurityAttributes;
SecurityAttributes.nLength = sizeof(SECURITY_ATTRIBUTES);
SecurityAttributes.bInheritHandle = TRUE;
SecurityAttributes.lpSecurityDescriptor = pSD;
HANDLE hPipe = CreateNamedPipe(
L"\\\\.\\pipe\\testpipe",
PIPE_ACCESS_DUPLEX,
PIPE_TYPE_BYTE | PIPE_READMODE_BYTE,
1,
4096,
4096,
1000,
&SecurityAttributes);
}
不幸的是,它不起作用。 GetLastError()像往常一样返回访问被拒绝。
Unfortunately, it doesn't work. GetLastError() returns this Access is denied as usual.
推荐答案
你无法在BHO中创建命名管道。但您可以在代理程序进程中创建它并从BHO连接到管道。
我是尖头评论的作者,我在我的IE插件的经纪人部分测试了代码。
You cannot create Named Pipe in BHO. But you can create it in your broker process and connect to the pipe from BHO.I'm author of the pointed comment and I tested the code in the broker part of my IE addon.
代码片段。在自动启动的exe(Delphi)中创建管道
The code snippets. Pipe creating in auto-started exe (Delphi)
function CreateAppContainerSecurityDescriptor(var SD: PSECURITY_DESCRIPTOR): boolean;
const
SDDL_REVISION_1 = 1;
var
pSD: PSECURITY_DESCRIPTOR;
ConvertStringSecurityDescriptorToSecurityDescriptor: TConvertStringSecurityDescriptorToSecurityDescriptorW;
begin
@ConvertStringSecurityDescriptorToSecurityDescriptor := GetProcAddress(AdvapiDll(),
'ConvertStringSecurityDescriptorToSecurityDescriptorW');
result := false;
if ConvertStringSecurityDescriptorToSecurityDescriptor('S:(ML;;NW;;;LW)D:(A;;0x120083;;;WD)(A;;0x120083;;;AC)',
SDDL_REVISION_1, pSD, nil) then begin
SD := pSD;
result := true;
end;
end;
function TPipeServer.Start: boolean;
var
SD: PSECURITY_DESCRIPTOR;
SecurityAttributes: SECURITY_ATTRIBUTES;
begin
result := false;
if Win32MajorVersion >= 6 then begin
if CreateAppContainerSecurityDescriptor(SD) then begin
SecurityAttributes.nLength := sizeof(SECURITY_ATTRIBUTES);
SecurityAttributes.bInheritHandle := true;
SecurityAttributes.lpSecurityDescriptor := SD;
PipeHandle := CreateNamedPipe('\\.\pipe\MyPipe', PIPE_ACCESS_DUPLEX,
PIPE_TYPE_BYTE or PIPE_READMODE_BYTE, 1, 0, 0, 1000, @SecurityAttributes);
result := PipeHandle <> INVALID_HANDLE_VALUE;
end;
end;
end;
procedure TPipeServer.Execute;
begin
if Start() then begin
while true do begin
if ConnectNamedPipe(PipeHandle, nil) then begin
...
end;
end;
end;
end;
在IE工具栏中连接管道(C ++)
Connecting to pipe in IE toolbar (C++)
#define PIPE_NAME "\\\\.\\pipe\\MYPipe"
LRESULT CMFToolbar::OnCommand(UINT uMsg, WPARAM wParam, LPARAM lParam, BOOL& bHandled)
{
...
HANDLE PipeHandle;
if (WaitNamedPipe(PIPE_NAME, NMPWAIT_WAIT_FOREVER) != 0) {
PipeHandle = CreateFile(PIPE_NAME, FILE_READ_DATA | FILE_WRITE_DATA,
0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
if (PipeHandle != INVALID_HANDLE_VALUE) {
WriteFile(PipeHandle, ...
CloseHandle(PipeHandle);
}
}
这篇关于有没有办法在IE11上从AppContainer BHO创建命名管道?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!