10

我正在寻找在 .NET 中实现服务/客户端通信的命名管道,并遇到了这段代码,在初始化管道的服务器端时,必须为管道设置一个安全描述符。他们是这样做的:

PipeSecurity pipeSecurity = new PipeSecurity();

// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Authenticated Users",
    PipeAccessRights.ReadWrite, AccessControlType.Allow));

// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Administrators",
    PipeAccessRights.FullControl, AccessControlType.Allow));

但我正在查看它,我担心将 SID 指定为字符串或Authenticated Users部分Administrators。有什么保证他们会被称为中文或其他语言?

4

2 回答 2

3

您可以使用 WellKnownSidType 枚举来获取 sid 并转换为 IdentityReference:

        var sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
        var everyone = sid.Translate(typeof(NTAccount));
        security.AddAccessRule(new PipeAccessRule(everyone, PipeAccessRights.ReadWrite, AccessControlType.Allow));
于 2016-06-29T13:45:17.127 回答
1

(摘自OP的原始问题)

我想出了这个替代方案:

PipeSecurity pipeSecurity = new PipeSecurity();

// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
    "Authenticated Users",
    new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null),   
    PipeAccessRights.ReadWrite, AccessControlType.Allow));

// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
    "Administrators",
    new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null),   
    PipeAccessRights.FullControl, AccessControlType.Allow));
于 2015-04-20T02:26:19.687 回答