Mutex.GetAccessControl Método
Definição
Importante
Algumas informações se referem a produtos de pré-lançamento que podem ser substancialmente modificados antes do lançamento. A Microsoft não oferece garantias, expressas ou implícitas, das informações aqui fornecidas.
Obtém um objeto MutexSecurity que representa a segurança do controle de acesso para o mutex nomeado.
public:
System::Security::AccessControl::MutexSecurity ^ GetAccessControl();
public System.Security.AccessControl.MutexSecurity GetAccessControl ();
member this.GetAccessControl : unit -> System.Security.AccessControl.MutexSecurity
Public Function GetAccessControl () As MutexSecurity
Retornos
Um objeto MutexSecurity que representa a segurança do controle de acesso para o mutex nomeado.
Exceções
O objeto Mutex atual representa um mutex nomeado do sistema, mas o usuário não tem ReadPermissions.
- ou - O objeto Mutex atual representa um mutex nomeado do sistema e não foi aberto com ReadPermissions.
Exemplos
O exemplo de código a seguir demonstra o comportamento entre processos de um mutex nomeado com segurança de controle de acesso. O exemplo usa a sobrecarga do OpenExisting(String) método para testar a existência de um mutex nomeado.
Se o mutex não existir, ele será criado com a segurança de controle de acesso e propriedade inicial que nega ao usuário atual o direito de usar o mutex, mas concede o direito de ler e alterar permissões no mutex.
Se você executar o exemplo compilado em duas janelas de comando, a segunda cópia lançará uma exceção de violação de acesso na chamada para OpenExisting(String). A exceção é capturada e o exemplo usa a sobrecarga do OpenExisting(String, MutexRights) método para abrir o mutex com os direitos necessários para ler e alterar as permissões, usando e métodos GetAccessControl SetAccessControl .
Depois que as permissões são alteradas, o mutex é aberto com os direitos necessários para inseri-lo e liberá-lo. Se você executar o exemplo compilado em uma terceira janela de comando, ele será executado usando as novas permissões.
using namespace System;
using namespace System::Threading;
using namespace System::Security::AccessControl;
using namespace System::Security::Permissions;
public ref class Example
{
public:
[SecurityPermissionAttribute(SecurityAction::Demand,Flags=SecurityPermissionFlag::UnmanagedCode)]
static void Main()
{
String^ mutexName = L"MutexExample4";
Mutex^ m = nullptr;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the mutex
// constructor. It is true if the named system mutex was
// created, and false if the named mutex already existed.
//
bool mutexWasCreated = false;
// Attempt to open the named mutex.
try
{
// Open the mutex with (MutexRights.Synchronize |
// MutexRights.Modify), to enter and release the
// named mutex.
//
m = Mutex::OpenExisting( mutexName );
}
catch ( WaitHandleCannotBeOpenedException^ )
{
Console::WriteLine( L"Mutex does not exist." );
doesNotExist = true;
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}", ex->Message );
unauthorized = true;
}
// There are three cases: (1) The mutex does not exist.
// (2) The mutex exists, but the current user doesn't
// have access. (3) The mutex exists and the user has
// access.
//
if ( doesNotExist )
{
// The mutex does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to enter or release the
// mutex, but allows the right to read and change
// security information for the mutex.
//
String^ user = String::Concat( Environment::UserDomainName, L"\\",
Environment::UserName );
MutexSecurity^ mSec = gcnew MutexSecurity;
MutexAccessRule^ rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Deny );
mSec->AddAccessRule( rule );
rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::ReadPermissions |
MutexRights::ChangePermissions),
AccessControlType::Allow );
mSec->AddAccessRule( rule );
// Create a Mutex object that represents the system
// mutex named by the constant 'mutexName', with
// initial ownership for this thread, and with the
// specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in mutexWasCreated.
//
m = gcnew Mutex( true,mutexName, mutexWasCreated,mSec );
// If the named system mutex was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the mutex. Otherwise, exit the program.
//
if ( mutexWasCreated )
{
Console::WriteLine( L"Created the mutex." );
}
else
{
Console::WriteLine( L"Unable to create the mutex." );
return;
}
}
else if ( unauthorized )
{
// Open the mutex to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
m = Mutex::OpenExisting( mutexName,
static_cast<MutexRights>(
MutexRights::ReadPermissions |
MutexRights::ChangePermissions) );
// Get the current ACL. This requires
// MutexRights.ReadPermissions.
MutexSecurity^ mSec = m->GetAccessControl();
String^ user = String::Concat( Environment::UserDomainName,
L"\\", Environment::UserName );
// First, the rule that denied the current user
// the right to enter and release the mutex must
// be removed.
MutexAccessRule^ rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Deny );
mSec->RemoveAccessRule( rule );
// Now grant the user the correct rights.
//
rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Allow );
mSec->AddAccessRule( rule );
// Update the ACL. This requires
// MutexRights.ChangePermissions.
m->SetAccessControl( mSec );
Console::WriteLine( L"Updated mutex security." );
// Open the mutex with (MutexRights.Synchronize
// | MutexRights.Modify), the rights required to
// enter and release the mutex.
//
m = Mutex::OpenExisting( mutexName );
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine(
L"Unable to change permissions: {0}", ex->Message );
return;
}
}
// If this program created the mutex, it already owns
// the mutex.
//
if ( !mutexWasCreated )
{
// Enter the mutex, and hold it until the program
// exits.
//
try
{
Console::WriteLine( L"Wait for the mutex." );
m->WaitOne();
Console::WriteLine( L"Entered the mutex." );
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}",
ex->Message );
}
}
Console::WriteLine( L"Press the Enter key to exit." );
Console::ReadLine();
m->ReleaseMutex();
m->Dispose();
}
};
int main()
{
Example::Main();
}
using System;
using System.Threading;
using System.Security.AccessControl;
internal class Example
{
internal static void Main()
{
const string mutexName = "MutexExample4";
Mutex m = null;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the mutex
// constructor. It is true if the named system mutex was
// created, and false if the named mutex already existed.
//
bool mutexWasCreated = false;
// Attempt to open the named mutex.
try
{
// Open the mutex with (MutexRights.Synchronize |
// MutexRights.Modify), to enter and release the
// named mutex.
//
m = Mutex.OpenExisting(mutexName);
}
catch(WaitHandleCannotBeOpenedException)
{
Console.WriteLine("Mutex does not exist.");
doesNotExist = true;
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
unauthorized = true;
}
// There are three cases: (1) The mutex does not exist.
// (2) The mutex exists, but the current user doesn't
// have access. (3) The mutex exists and the user has
// access.
//
if (doesNotExist)
{
// The mutex does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to enter or release the
// mutex, but allows the right to read and change
// security information for the mutex.
//
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
var mSec = new MutexSecurity();
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
rule = new MutexAccessRule(user,
MutexRights.ReadPermissions | MutexRights.ChangePermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Create a Mutex object that represents the system
// mutex named by the constant 'mutexName', with
// initial ownership for this thread, and with the
// specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in mutexWasCreated.
//
m = new Mutex(true, mutexName, out mutexWasCreated, mSec);
// If the named system mutex was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the mutex. Otherwise, exit the program.
//
if (mutexWasCreated)
{
Console.WriteLine("Created the mutex.");
}
else
{
Console.WriteLine("Unable to create the mutex.");
return;
}
}
else if (unauthorized)
{
// Open the mutex to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
m = Mutex.OpenExisting(mutexName,
MutexRights.ReadPermissions | MutexRights.ChangePermissions);
// Get the current ACL. This requires
// MutexRights.ReadPermissions.
MutexSecurity mSec = m.GetAccessControl();
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
// First, the rule that denied the current user
// the right to enter and release the mutex must
// be removed.
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Deny);
mSec.RemoveAccessRule(rule);
// Now grant the user the correct rights.
//
rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Update the ACL. This requires
// MutexRights.ChangePermissions.
m.SetAccessControl(mSec);
Console.WriteLine("Updated mutex security.");
// Open the mutex with (MutexRights.Synchronize
// | MutexRights.Modify), the rights required to
// enter and release the mutex.
//
m = Mutex.OpenExisting(mutexName);
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unable to change permissions: {0}",
ex.Message);
return;
}
}
// If this program created the mutex, it already owns
// the mutex.
//
if (!mutexWasCreated)
{
// Enter the mutex, and hold it until the program
// exits.
//
try
{
Console.WriteLine("Wait for the mutex.");
m.WaitOne();
Console.WriteLine("Entered the mutex.");
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
}
}
Console.WriteLine("Press the Enter key to exit.");
Console.ReadLine();
m.ReleaseMutex();
m.Dispose();
}
}
Imports System.Threading
Imports System.Security.AccessControl
Friend Class Example
<MTAThread> _
Friend Shared Sub Main()
Const mutexName As String = "MutexExample4"
Dim m As Mutex = Nothing
Dim doesNotExist as Boolean = False
Dim unauthorized As Boolean = False
' The value of this variable is set by the mutex
' constructor. It is True if the named system mutex was
' created, and False if the named mutex already existed.
'
Dim mutexWasCreated As Boolean
' Attempt to open the named mutex.
Try
' Open the mutex with (MutexRights.Synchronize Or
' MutexRights.Modify), to enter and release the
' named mutex.
'
m = Mutex.OpenExisting(mutexName)
Catch ex As WaitHandleCannotBeOpenedException
Console.WriteLine("Mutex does not exist.")
doesNotExist = True
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", ex.Message)
unauthorized = True
End Try
' There are three cases: (1) The mutex does not exist.
' (2) The mutex exists, but the current user doesn't
' have access. (3) The mutex exists and the user has
' access.
'
If doesNotExist Then
' The mutex does not exist, so create it.
' Create an access control list (ACL) that denies the
' current user the right to enter or release the
' mutex, but allows the right to read and change
' security information for the mutex.
'
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
Dim mSec As New MutexSecurity()
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
rule = New MutexAccessRule(user, _
MutexRights.ReadPermissions Or _
MutexRights.ChangePermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Create a Mutex object that represents the system
' mutex named by the constant 'mutexName', with
' initial ownership for this thread, and with the
' specified security access. The Boolean value that
' indicates creation of the underlying system object
' is placed in mutexWasCreated.
'
m = New Mutex(True, mutexName, mutexWasCreated, mSec)
' If the named system mutex was created, it can be
' used by the current instance of this program, even
' though the current user is denied access. The current
' program owns the mutex. Otherwise, exit the program.
'
If mutexWasCreated Then
Console.WriteLine("Created the mutex.")
Else
Console.WriteLine("Unable to create the mutex.")
Return
End If
ElseIf unauthorized Then
' Open the mutex to read and change the access control
' security. The access control security defined above
' allows the current user to do this.
'
Try
m = Mutex.OpenExisting(mutexName, _
MutexRights.ReadPermissions Or _
MutexRights.ChangePermissions)
' Get the current ACL. This requires
' MutexRights.ReadPermissions.
Dim mSec As MutexSecurity = m.GetAccessControl()
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' First, the rule that denied the current user
' the right to enter and release the mutex must
' be removed.
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Deny)
mSec.RemoveAccessRule(rule)
' Now grant the user the correct rights.
'
rule = New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Update the ACL. This requires
' MutexRights.ChangePermissions.
m.SetAccessControl(mSec)
Console.WriteLine("Updated mutex security.")
' Open the mutex with (MutexRights.Synchronize
' Or MutexRights.Modify), the rights required to
' enter and release the mutex.
'
m = Mutex.OpenExisting(mutexName)
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unable to change permissions: {0}", _
ex.Message)
Return
End Try
End If
' If this program created the mutex, it already owns
' the mutex.
'
If Not mutexWasCreated Then
' Enter the mutex, and hold it until the program
' exits.
'
Try
Console.WriteLine("Wait for the mutex.")
m.WaitOne()
Console.WriteLine("Entered the mutex.")
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", _
ex.Message)
End Try
End If
Console.WriteLine("Press the Enter key to exit.")
Console.ReadLine()
m.ReleaseMutex()
m.Dispose()
End Sub
End Class
Comentários
O GetAccessControl método usa a seguinte combinação de sinalizadores (combinados usando a operação OR bit a bit) para pesquisar permissões: AccessControlSections.Access, AccessControlSections.Ownere AccessControlSections.Group.
O usuário deve ter que MutexRights.ReadPermissions chamar esse método e o mutex deve ter sido aberto com MutexRights.ReadPermissions.
Observação
No .NET Core e no .NET 5+, o método equivalente é GetAccessControl.