Interacting with a service from Internet Explorer

Posted 2024-12-08 00:56:03 · 1673 characters · 1 view · 0 comments

I am attempting to have IE9 interact with a COM service (created using Visual Studio 2010's wizard) while running in protected mode. If I run the service as admin rather than registering it as a service, my BHO's call to spUnk.CoCreateInstance returns S_OK (I am watching AtlTrace's output). The BHO is also able to successfully call spUnk.CoCreateInstance if IE is running as admin. However, if I register and run the service as an actual service and run IE in protected mode, spUnk.CoCreateInstance returns 0x80070005 (access denied). I know that IE is at least able to find the service, as I get other errors if the service is not registered or if it is registered but set to "Disabled" via services.msc.

Is there a way to modify the service, BHO, or registry so that the call to spUnk.CoCreateInstance succeeds?

Relevant Code:

Registry entries (per MSDN: Starting Processes from Protected Mode):

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\
    Low Rights\ElevationPolicy\{89091D9A-1F9A-4721-993B-D72C2333AAD1}]
"AppName"="tstsrv.exe"
"AppPath"="C:\\path\\tstsrv\\Debug"
"Policy"=dword:00000003
"CLSID"="{90719221-2DE2-45c2-B8CB-2018C4D66C48}"

BHO Code used to call the service (hr = spUnk.CoCreateInstance(CLSID_tstsrv); is the line having problems):

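STDMETHODIMP MyAddin::SetSite(IUnknown *pUnkSite) {
    //... (hr is declared in the elided code)
    // CLSID of the COM server hosted by the tstsrv service
    GUID CLSID_tstsrv = { 0x90719221, 0x2de2, 0x45c2, { 0xb8, 0xcb, 0x20,
        0x18, 0xc4, 0xd6, 0x6c, 0x48 } };
    CComPtr<IUnknown> spUnk;
    // Fails with 0x80070005 when IE runs in protected mode (Low IL)
    hr = spUnk.CoCreateInstance(CLSID_tstsrv);
    AtlTrace("CoCreateInstance(CLSID_tstsrv) => %p [%08x]\n", spUnk.p, hr);
    //...
}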

Some of the service's initialization code:

HRESULT CtstsrvModule::InitializeSecurity(void)
{
    if(m_bSecurityInitialized) return S_OK;
    m_bSecurityInitialized = true;
    return ::CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_PKT,
        RPC_C_IMP_LEVEL_IDENTIFY, NULL, EOAC_DYNAMIC_CLOAKING, 0);
}

Comments (1)

滥情稳全场 2024-12-15 00:56:03

Another hour of mucking with this and I discovered that calling this code (archive.org) (SetLaunchActPermissions and GetLaunchActPermissionsWithIL) makes it work.

From that page:

By default, COM will prevent Low IL clients from binding to running
instances of any COM servers. To allow the bind, a COM server's
Launch/Activation security descriptor must contain a SACL that
specifies the Low IL label (see the previous section for the sample
code to create such a security descriptor).
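
Added example, not part of the original answer or of the page it links to: a portable C++ check that reads a launch/activation security descriptor in SDDL form and reports whether its SACL carries the Low IL mandatory label described in the quote above. The function names and the sample SDDL strings are constructed for illustration; 0xb is the COM execute, local-launch and local-activate rights.

```cpp
#include <iostream>
#include <map>
#include <regex>
#include <string>

// Mandatory-label ACE found in the SACL part of an SDDL string.
struct LabelAce {
    bool present;        // false when the SACL carries no ML ACE
    std::string policy;  // e.g. "NX" (no-execute-up), "NW", "NR"
    int rid;             // integrity RID: 0x1000 low, 0x2000 medium, ...
};

// Extract the first mandatory-label ACE, e.g. "(ML;;NX;;;LW)".
LabelAce FindLabel(const std::string& sddl) {
    static const std::map<std::string, int> kAlias = {
        {"LW", 0x1000}, {"ME", 0x2000}, {"HI", 0x3000}, {"SI", 0x4000}};
    static const std::regex kMl(
        R"(\(ML;[^;)]*;([A-Z]*);;;(LW|ME|HI|SI|S-1-16-([0-9]+))\))");
    LabelAce ace = {false, "", 0};
    std::string::size_type sacl = sddl.find("S:");
    if (sacl == std::string::npos) return ace;  // no SACL at all
    std::string tail = sddl.substr(sacl);
    std::smatch m;
    if (!std::regex_search(tail, m, kMl)) return ace;
    ace.present = true;
    ace.policy = m[1].str();
    ace.rid = m[3].matched ? std::stoi(m[3].str()) : kAlias.at(m[2].str());
    return ace;
}

// True when the descriptor carries a label at Low IL or below. The DACL
// must still grant the caller's account launch/activation rights.
bool LabelAdmitsLowIl(const std::string& sddl) {
    LabelAce ace = FindLabel(sddl);
    return ace.present && ace.rid <= 0x1000;
}

int main() {
    // Constructed sample descriptors, not taken from a real AppID.
    const char* samples[] = {
        "O:BAG:BAD:(A;;0xb;;;WD)",                 // no SACL
        "O:BAG:BAD:(A;;0xb;;;WD)S:(ML;;NX;;;ME)",  // Medium label
        "O:BAG:BAD:(A;;0xb;;;WD)S:(ML;;NX;;;LW)"   // Low label
    };
    for (const char* s : samples)
        std::cout << s << " -> " << (LabelAdmitsLowIl(s) ? "Low IL label" : "no Low IL label") << "\n";
}
```

A server labelled this way is reachable from protected-mode (Low IL) processes, so its interfaces should treat every caller's input as untrusted.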
