Reputation: 22285
Trying to create a global file mapping object from a user-mode process fails
I have a Windows app that runs without requiring elevation. I need to create a file mapping object for a memory array to be shared between all running instances of the app (note that some of those instances may run in different logon sessions.)
I call the CreateFileMapping API to create it, with a global name, i.e. Global\sharedname, using a security descriptor that gives all access to everyone but that API fails with error code 5, or ERROR_ACCESS_DENIED.
I then started reading the docs and found that my process is required the SeCreateGlobalPrivilege privilege. But then when I try to assign that privilege the AdjustTokenPrivileges returns error code ERROR_NOT_ALL_ASSIGNED, and I'm stuck....
So what's the trick here, how does that freakin' MS want us to do it???
PS. I can previously create a global named mutex (for synchronized access to the shared memory) with the same all access for everyone security descriptor and Global\sharedmutex name without a problem.
Upvotes: 2
Views: 2217
Answers (1)
Reputation: 597285
Only administrators, and services running in session 0, can gain the SeCreateGlobalPrivilege privilege needed to create file mappings in the Global namespace. Assuming you do not want to re-write your code into a service, you will have to spawn a separate elevated process to create the file mapping.
Upvotes: 6
Related Questions
- Inter-process communication (C++ to C#) using Memory mapped file (IOException)
- CreateFileMapping, MapViewOfFile, handle leaking c++
- Write into mapped file
- When error 1224: ERROR_USER_MAPPED_FILE occurs?
- WinAPI Thread unable to write to memory mapped file
- Access denied on CreateFileMapping when run under different user accounts with runas
- User process can't see global shared memory created by service
- Memory-Mapped file can't be found by the process that just created it
- Mapped file not displaying info
- SetFilePointer() on another's process file handle fails