ahm*_*md0 10 .net c# windows security sid
我正在寻找在.NET中实现服务/客户端通信的命名管道,并且遇到了这样的代码,虽然初始化管道的服务器端必须为管道设置安全描述符.他们这样做了:
PipeSecurity pipeSecurity = new PipeSecurity();
// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Authenticated Users",
PipeAccessRights.ReadWrite, AccessControlType.Allow));
// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Administrators",
PipeAccessRights.FullControl, AccessControlType.Allow));
但我看着它,我很担心,指定的SID为字符串,或Authenticated Users和Administrators零件.用中文或其他语言来称呼它们的保证是什么?
您可以使用 WellKnownSidType 枚举来获取 sid 并转换为 IdentityReference:
var sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null);
var everyone = sid.Translate(typeof(NTAccount));
security.AddAccessRule(new PipeAccessRule(everyone, PipeAccessRights.ReadWrite, AccessControlType.Allow));
(摘自OP的原始问题)
我想出了这个替代方案:
PipeSecurity pipeSecurity = new PipeSecurity();
// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
"Authenticated Users",
new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null),
PipeAccessRights.ReadWrite, AccessControlType.Allow));
// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
"Administrators",
new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null),
PipeAccessRights.FullControl, AccessControlType.Allow));