我正在寻找在.NET中实现一个命名pipe道的服务/客户端通信,并遇到这个代码 ,当初始化pipe道的服务器端必须build立一个pipe道的安全描述符。 他们这样做:
PipeSecurity pipeSecurity = new PipeSecurity(); // Allow Everyone read and write access to the pipe. pipeSecurity.SetAccessRule(new PipeAccessRule("Authenticated Users", PipeAccessRights.ReadWrite, AccessControlType.Allow)); // Allow the Administrators group full access to the pipe. pipeSecurity.SetAccessRule(new PipeAccessRule("Administrators", PipeAccessRights.FullControl, AccessControlType.Allow)); 但是我正在看,而且我很担心指定SID作为string或Authenticated Users和Administrators部分。 有什么保证他们会用中文或其他语言来称呼他们呢?
(摘自OP的原始问题)
我想出了这个选择:
PipeSecurity pipeSecurity = new PipeSecurity(); // Allow Everyone read and write access to the pipe. pipeSecurity.SetAccessRule(new PipeAccessRule( "Authenticated Users", new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null), PipeAccessRights.ReadWrite, AccessControlType.Allow)); // Allow the Administrators group full access to the pipe. pipeSecurity.SetAccessRule(new PipeAccessRule( "Administrators", new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), PipeAccessRights.FullControl, AccessControlType.Allow));
您可以使用WellKnownSidType枚举来获取sid并转换成IdentityReference:
var sid = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null); var everyone = sid.Translate(typeof(NTAccount)); security.AddAccessRule(new PipeAccessRule(everyone, PipeAccessRights.ReadWrite, AccessControlType.Allow));