4

I am attempting to have IE9 interact with a COM service (created using Visual Studio 2010's wizard) while running in protected mode. If I run the service as admin rather than registering it as a service, my BHO's call to spUnk.CoCreateInstance returns S_OK (I am watching AtlTrace's output). The BHO is also able to successfully call spUnk.CoCreateInstance if IE is running as admin. However, if I register and run service as an actual service and run IE in protected mode, spUnk.CoCreateInstance returns 0x80070005 (access denied). I know that IE is at least able to find the service as I get other errors if the service is not registered or if it is registered but set to "Disabled" via services.msc.

Is there a way to modify the service, BHO, or registry so that the call to spUnk.CoCreateInstance succeeds?

Relevant Code:

Registry entries (per MSDN: Starting Processes from Protected Mode):

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\
    Low Rights\ElevationPolicy\{89091D9A-1F9A-4721-993B-D72C2333AAD1}]
"AppName"="tstsrv.exe"
"AppPath"="C:\\path\\tstsrv\\Debug"
"Policy"=dword:00000003
"CLSID"="{90719221-2DE2-45c2-B8CB-2018C4D66C48}"


BHO Code used to call the service (hr = spUnk.CoCreateInstance(CLSID_tstsrv); is the line having problems):

MyAddin::SetSite(IUnknown *pUnkSite) {
    //...
    GUID CLSID_tstsrv = { 0x90719221, 0x2de2, 0x45c2, { 0xb8, 0xcb, 0x20,
        0x18, 0xc4, 0xd6, 0x6c, 0x48 } };
    CComPtr<IUnknown> spUnk;
    hr = spUnk.CoCreateInstance(CLSID_tstsrv);
    AtlTrace("CoCreateInstance(CLSID_tstsrv) => %p [%08x]\n", spUnk.p, hr);
    //...
}


Some of the service's initialization code:

HRESULT CtstsrvModule::InitializeSecurity(void)
{
    if(m_bSecurityInitialized) return S_OK;
    m_bSecurityInitialized = true;
    return ::CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_PKT,
        RPC_C_IMP_LEVEL_IDENTIFY, NULL, EOAC_DYNAMIC_CLOAKING, 0);
}
4

1 回答 1

3

Another hour of mucking with this and I discovered that calling this code (archive.org) (SetLaunchActPermissions and GetLaunchActPermissionsWithIL) makes it work.

From that page:

By default, COM will prevent Low IL clients from binding to running instances of any COM servers. To allow the bind, a COM server's Launch/Activation security descriptor must contain a SACL that specifies the Low IL label (see the previous section for the sample code to create such a security descriptor).

于 2011-10-03T21:31:45.543 回答