CreateNamedPipe() 中的 lpSecurityAttributes 需要多长的生命周期?
- 我多久可以销毁传递给
CreateNamedPipe()
的lpSecurityAttributes
指向的结构? - 我是否需要为每个管道实例分配一个单独的管道实例?
CreateNamedPipe() 的 MSDN 文档 说:
lpSecurityAttributes [输入,可选]
指向 SECURITY_ATTRIBUTES 结构的指针,该结构指定新命名管道的安全描述符...
强调我的。 “new”是指新的命名管道,还是命名管道的新实例?它接着说:
备注
要使用 CreateNamedPipe 创建命名管道的实例, 用户必须具有对命名管道的 FILE_CREATE_PIPE_INSTANCE 访问权限 目的。 如果正在创建新的命名管道,访问控制列表 (ACL)由安全属性参数定义任意 命名管道的访问控制。
(再次强调我的。)人们可以将其理解为仅在创建命名管道(一个新命名管道)的第一个实例时才使用lpSecurityAttributes
,并且创建同一命名管道的更多实例时被忽略。如果是这样,则只需要 lpSecurityAttributes
结构的一个实例。
或者也许您必须为每个实例传递一个有效的 lpSecurityAttributes,但它可以(应该?)是相同的?
或者也许您必须为每个管道实例分配一个新的 SECURITY_ATTRIBUTES 结构?
我的相关问题 - SECURITY_ATTRIBUTES 结构可以在对 CreateNamedPipe() 的调用返回后立即销毁,还是必须保持有效直到最后一个句柄(到管道,或只是该管道实例?)已关闭 - 甚至没有得到解决。
这两个问题有人有明确的答案吗?
- How soon can I destroy the structure pointed to by
lpSecurityAttributes
passed toCreateNamedPipe()
? - Do I need a separate one for each pipe instance?
The MSDN documentation for CreateNamedPipe() says:
lpSecurityAttributes [in, optional]
A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new named pipe...
Emphasis mine. Does 'new' mean new named pipe, or new instance of the named pipe? It goes on to say:
Remarks
To create an instance of a named pipe by using CreateNamedPipe, the
user must have FILE_CREATE_PIPE_INSTANCE access to the named pipe
object. If a new named pipe is being created, the access control list
(ACL) from the security attributes parameter defines the discretionary
access control for the named pipe.
(Again, emphasis mine.) One could read this as meaning that lpSecurityAttributes
is used only when creating the first instance of the named pipe (a new named pipe), and is ignored when creating further instances of the same named pipe. If so, then only one instance of the lpSecurityAttributes
structure is required.
Or maybe you have to pass in a valid lpSecurityAttributes for each instance, but it can (should?) be the same one?
Or perhaps you have to allocate a new SECURITY_ATTRIBUTES structure for each pipe instance?
My related question - can the SECURITY_ATTRIBUTES structure be destroyed as soon as the call to CreateNamedPipe()
returns or does it have to remain valid until the last handle (to the pipe, or just that pipe instance?) is closed - isn't even addressed.
Does anyone have definitive answers to these two questions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您需要将有效的 SECURITY_ATTRIBUTES 结构或 NULL 传递给对 CreateNamedPipe 的每次调用。您可以为其他调用重用相同的结构,也可以使用单独的结构,以更方便的为准。在来自不同线程的多个同时调用中使用相同的结构可能不安全 - 我怀疑它会没问题,但无论如何我都会避免它。
“新”意味着“新管道”而不是“新实例”。如果命名管道已存在,则不会使用 lpSecurityDescriptor 成员中的 ACL。因此,如果您知道正在创建现有管道的新实例,并且不需要设置 bInheritHandle,则应该为 lpSecurityAttributes 传递 NULL。如果确实需要设置 bInheritHandle,请确保 lpSecurityDescriptor 为 NULL 或指向有效的安全描述符。
正如已经提到的,一旦调用返回,lpSecurityAttributes 中的内容就可以被丢弃(除非您计划在另一个调用中重用它!),是的,其中包括分配给安全描述符的内存。
You need to pass either a valid SECURITY_ATTRIBUTES structure or NULL to every call to CreateNamedPipe. You can either reuse the same structure for additional calls or use separate structures, whichever is more convenient. It might not be safe to use the same structure in multiple simultaneous calls from separate threads - I suspect it would be OK, but I'd avoid it anyway.
'New' means 'new pipe' not 'new instance'. The ACL in the lpSecurityDescriptor member is not used if the named pipe already exists. Therefore, if you know you are creating a new instance of an existing pipe, and do not need to set bInheritHandle, you should just pass NULL for lpSecurityAttributes. If you do need to set bInheritHandle, then make sure that lpSecurityDescriptor is either NULL or points to a valid security descriptor.
As already mentioned, the content in lpSecurityAttributes can be discarded as soon as the call returns (unless you're planning to reuse it in another call!) and yes, that includes the memory allocated to the security descriptor.
调用完成后将复制该结构。这适用于创建内核对象时的所有安全描述符调用。
因此:调用后您可以丢弃它的内容。
The structure is copied when the call is finished. This is for all security descriptor calls when kernel objects are created.
Thus: after the call you can discard it's content.