EventWaitHandle.SetAccessControl(EventWaitHandleSecurity) Метод
Определение
Важно!
Некоторые сведения относятся к предварительной версии продукта, в которую до выпуска могут быть внесены существенные изменения. Майкрософт не предоставляет никаких гарантий, явных или подразумеваемых, относительно приведенных здесь сведений.
Задает защиту управления доступом для именованного системного события.
public:
void SetAccessControl(System::Security::AccessControl::EventWaitHandleSecurity ^ eventSecurity);public void SetAccessControl (System.Security.AccessControl.EventWaitHandleSecurity eventSecurity);member this.SetAccessControl : System.Security.AccessControl.EventWaitHandleSecurity -> unitPublic Sub SetAccessControl (eventSecurity As EventWaitHandleSecurity)Параметры
- eventSecurity
- EventWaitHandleSecurity
Объект EventWaitHandleSecurity, определяющий настройки управления доступом для применения к именованному системному событию.
Исключения
eventSecurity имеет значение null.
Пользователь не имеет ChangePermissions.
-или- Событие не было открыто с ChangePermissions.
Текущий объект EventWaitHandle не представляет именованное системное событие.
Для данного объекта Close() ранее вызывался метод EventWaitHandle.
Примеры
В следующем примере кода демонстрируется межпроцессное поведение именованного системного события с безопасностью управления доступом. В примере используется перегрузка OpenExisting(String) метода для проверки наличия именованного события.
Если событие не существует, оно создается с начальной безопасностью владения и контроля доступа, которая запрещает текущему пользователю право использовать событие, но предоставляет право на чтение и изменение разрешений на событие.
При выполнении скомпилированного примера из двух командных окон вторая копия вызовет исключение OpenExisting(String)нарушения доступа. Исключение перехватится, и в примере используется перегрузка OpenExisting(String, EventWaitHandleRights) метода для ожидания события с правами, необходимыми для чтения и изменения разрешений.
После изменения разрешений с помощью SetAccessControl метода событие открывается с правами, необходимыми для ожидания и сигнала. При запуске скомпилированного примера из третьего командного окна этот пример выполняется с использованием новых разрешений.
using namespace System;
using namespace System::Threading;
using namespace System::Security::AccessControl;
using namespace System::Security::Permissions;
public ref class Example
{
public:
[SecurityPermissionAttribute(SecurityAction::Demand,Flags=SecurityPermissionFlag::UnmanagedCode)]
static void Main()
{
String^ ewhName = L"EventWaitHandleExample5";
EventWaitHandle^ ewh = nullptr;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the event
// constructor. It is true if the named system event was
// created, and false if the named event already existed.
//
bool wasCreated;
// Attempt to open the named event.
try
{
// Open the event with (EventWaitHandleRights.Synchronize
// | EventWaitHandleRights.Modify), to wait on and
// signal the named event.
//
ewh = EventWaitHandle::OpenExisting( ewhName );
}
catch ( WaitHandleCannotBeOpenedException^ )
{
Console::WriteLine( L"Named event does not exist." );
doesNotExist = true;
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}", ex->Message );
unauthorized = true;
}
// There are three cases: (1) The event does not exist.
// (2) The event exists, but the current user doesn't
// have access. (3) The event exists and the user has
// access.
//
if ( doesNotExist )
{
// The event does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to wait on or signal the
// event, but allows the right to read and change
// security information for the event.
//
String^ user = String::Concat( Environment::UserDomainName, L"\\",
Environment::UserName );
EventWaitHandleSecurity^ ewhSec = gcnew EventWaitHandleSecurity;
//following constructor fails
EventWaitHandleAccessRule^ rule = gcnew EventWaitHandleAccessRule(
user,
static_cast<EventWaitHandleRights>(
EventWaitHandleRights::Synchronize |
EventWaitHandleRights::Modify),
AccessControlType::Deny );
ewhSec->AddAccessRule( rule );
rule = gcnew EventWaitHandleAccessRule( user,
static_cast<EventWaitHandleRights>(
EventWaitHandleRights::ReadPermissions |
EventWaitHandleRights::ChangePermissions),
AccessControlType::Allow );
ewhSec->AddAccessRule( rule );
// Create an EventWaitHandle object that represents
// the system event named by the constant 'ewhName',
// initially signaled, with automatic reset, and with
// the specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in wasCreated.
//
ewh = gcnew EventWaitHandle( true,
EventResetMode::AutoReset,
ewhName,
wasCreated,
ewhSec );
// If the named system event was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the event. Otherwise, exit the program.
//
if ( wasCreated )
{
Console::WriteLine( L"Created the named event." );
}
else
{
Console::WriteLine( L"Unable to create the event." );
return;
}
}
else if ( unauthorized )
{
// Open the event to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
ewh = EventWaitHandle::OpenExisting( ewhName,
static_cast<EventWaitHandleRights>(
EventWaitHandleRights::ReadPermissions |
EventWaitHandleRights::ChangePermissions) );
// Get the current ACL. This requires
// EventWaitHandleRights.ReadPermissions.
EventWaitHandleSecurity^ ewhSec = ewh->GetAccessControl();
String^ user = String::Concat( Environment::UserDomainName, L"\\",
Environment::UserName );
// First, the rule that denied the current user
// the right to enter and release the event must
// be removed.
EventWaitHandleAccessRule^ rule = gcnew EventWaitHandleAccessRule(
user,
static_cast<EventWaitHandleRights>(
EventWaitHandleRights::Synchronize |
EventWaitHandleRights::Modify),
AccessControlType::Deny );
ewhSec->RemoveAccessRule( rule );
// Now grant the user the correct rights.
//
rule = gcnew EventWaitHandleAccessRule( user,
static_cast<EventWaitHandleRights>(
EventWaitHandleRights::Synchronize |
EventWaitHandleRights::Modify),
AccessControlType::Allow );
ewhSec->AddAccessRule( rule );
// Update the ACL. This requires
// EventWaitHandleRights.ChangePermissions.
ewh->SetAccessControl( ewhSec );
Console::WriteLine( L"Updated event security." );
// Open the event with (EventWaitHandleRights.Synchronize
// | EventWaitHandleRights.Modify), the rights required
// to wait on and signal the event.
//
ewh = EventWaitHandle::OpenExisting( ewhName );
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unable to change permissions: {0}",
ex->Message );
return;
}
}
// Wait on the event, and hold it until the program
// exits.
//
try
{
Console::WriteLine( L"Wait on the event." );
ewh->WaitOne();
Console::WriteLine( L"Event was signaled." );
Console::WriteLine( L"Press the Enter key to signal the event and exit." );
Console::ReadLine();
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}", ex->Message );
}
finally
{
ewh->Set();
}
}
};
int main()
{
Example::Main();
}
using System;
using System.Threading;
using System.Security.AccessControl;
internal class Example
{
internal static void Main()
{
const string ewhName = "EventWaitHandleExample5";
EventWaitHandle ewh = null;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the event
// constructor. It is true if the named system event was
// created, and false if the named event already existed.
//
bool wasCreated;
// Attempt to open the named event.
try
{
// Open the event with (EventWaitHandleRights.Synchronize
// | EventWaitHandleRights.Modify), to wait on and
// signal the named event.
//
ewh = EventWaitHandle.OpenExisting(ewhName);
}
catch (WaitHandleCannotBeOpenedException)
{
Console.WriteLine("Named event does not exist.");
doesNotExist = true;
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
unauthorized = true;
}
// There are three cases: (1) The event does not exist.
// (2) The event exists, but the current user doesn't
// have access. (3) The event exists and the user has
// access.
//
if (doesNotExist)
{
// The event does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to wait on or signal the
// event, but allows the right to read and change
// security information for the event.
//
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
EventWaitHandleSecurity ewhSec =
new EventWaitHandleSecurity();
EventWaitHandleAccessRule rule =
new EventWaitHandleAccessRule(user,
EventWaitHandleRights.Synchronize |
EventWaitHandleRights.Modify,
AccessControlType.Deny);
ewhSec.AddAccessRule(rule);
rule = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.ReadPermissions |
EventWaitHandleRights.ChangePermissions,
AccessControlType.Allow);
ewhSec.AddAccessRule(rule);
// Create an EventWaitHandle object that represents
// the system event named by the constant 'ewhName',
// initially signaled, with automatic reset, and with
// the specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in wasCreated.
//
ewh = new EventWaitHandle(true,
EventResetMode.AutoReset,
ewhName,
out wasCreated,
ewhSec);
// If the named system event was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the event. Otherwise, exit the program.
//
if (wasCreated)
{
Console.WriteLine("Created the named event.");
}
else
{
Console.WriteLine("Unable to create the event.");
return;
}
}
else if (unauthorized)
{
// Open the event to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
ewh = EventWaitHandle.OpenExisting(ewhName,
EventWaitHandleRights.ReadPermissions |
EventWaitHandleRights.ChangePermissions);
// Get the current ACL. This requires
// EventWaitHandleRights.ReadPermissions.
EventWaitHandleSecurity ewhSec = ewh.GetAccessControl();
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
// First, the rule that denied the current user
// the right to enter and release the event must
// be removed.
EventWaitHandleAccessRule rule =
new EventWaitHandleAccessRule(user,
EventWaitHandleRights.Synchronize |
EventWaitHandleRights.Modify,
AccessControlType.Deny);
ewhSec.RemoveAccessRule(rule);
// Now grant the user the correct rights.
//
rule = new EventWaitHandleAccessRule(user,
EventWaitHandleRights.Synchronize |
EventWaitHandleRights.Modify,
AccessControlType.Allow);
ewhSec.AddAccessRule(rule);
// Update the ACL. This requires
// EventWaitHandleRights.ChangePermissions.
ewh.SetAccessControl(ewhSec);
Console.WriteLine("Updated event security.");
// Open the event with (EventWaitHandleRights.Synchronize
// | EventWaitHandleRights.Modify), the rights required
// to wait on and signal the event.
//
ewh = EventWaitHandle.OpenExisting(ewhName);
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unable to change permissions: {0}",
ex.Message);
return;
}
}
// Wait on the event, and hold it until the program
// exits.
//
try
{
Console.WriteLine("Wait on the event.");
ewh.WaitOne();
Console.WriteLine("Event was signaled.");
Console.WriteLine("Press the Enter key to signal the event and exit.");
Console.ReadLine();
}
catch (UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
}
finally
{
ewh.Set();
}
}
}
Imports System.Threading
Imports System.Security.AccessControl
Friend Class Example
<MTAThread> _
Friend Shared Sub Main()
Const ewhName As String = "EventWaitHandleExample5"
Dim ewh As EventWaitHandle = Nothing
Dim doesNotExist as Boolean = False
Dim unauthorized As Boolean = False
' The value of this variable is set by the event
' constructor. It is True if the named system event was
' created, and False if the named event already existed.
'
Dim wasCreated As Boolean
' Attempt to open the named event.
Try
' Open the event with (EventWaitHandleRights.Synchronize
' Or EventWaitHandleRights.Modify), to wait on and
' signal the named event.
'
ewh = EventWaitHandle.OpenExisting(ewhName)
Catch ex As WaitHandleCannotBeOpenedException
Console.WriteLine("Named event does not exist.")
doesNotExist = True
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", ex.Message)
unauthorized = True
End Try
' There are three cases: (1) The event does not exist.
' (2) The event exists, but the current user doesn't
' have access. (3) The event exists and the user has
' access.
'
If doesNotExist Then
' The event does not exist, so create it.
' Create an access control list (ACL) that denies the
' current user the right to wait on or signal the
' event, but allows the right to read and change
' security information for the event.
'
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
Dim ewhSec As New EventWaitHandleSecurity()
Dim rule As New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.Synchronize Or _
EventWaitHandleRights.Modify, _
AccessControlType.Deny)
ewhSec.AddAccessRule(rule)
rule = New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.ReadPermissions Or _
EventWaitHandleRights.ChangePermissions, _
AccessControlType.Allow)
ewhSec.AddAccessRule(rule)
' Create an EventWaitHandle object that represents
' the system event named by the constant 'ewhName',
' initially signaled, with automatic reset, and with
' the specified security access. The Boolean value that
' indicates creation of the underlying system object
' is placed in wasCreated.
'
ewh = New EventWaitHandle(True, _
EventResetMode.AutoReset, ewhName, _
wasCreated, ewhSec)
' If the named system event was created, it can be
' used by the current instance of this program, even
' though the current user is denied access. The current
' program owns the event. Otherwise, exit the program.
'
If wasCreated Then
Console.WriteLine("Created the named event.")
Else
Console.WriteLine("Unable to create the event.")
Return
End If
ElseIf unauthorized Then
' Open the event to read and change the access control
' security. The access control security defined above
' allows the current user to do this.
'
Try
ewh = EventWaitHandle.OpenExisting(ewhName, _
EventWaitHandleRights.ReadPermissions Or _
EventWaitHandleRights.ChangePermissions)
' Get the current ACL. This requires
' EventWaitHandleRights.ReadPermissions.
Dim ewhSec As EventWaitHandleSecurity = _
ewh.GetAccessControl()
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' First, the rule that denied the current user
' the right to enter and release the event must
' be removed.
Dim rule As New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.Synchronize Or _
EventWaitHandleRights.Modify, _
AccessControlType.Deny)
ewhSec.RemoveAccessRule(rule)
' Now grant the user the correct rights.
'
rule = New EventWaitHandleAccessRule(user, _
EventWaitHandleRights.Synchronize Or _
EventWaitHandleRights.Modify, _
AccessControlType.Allow)
ewhSec.AddAccessRule(rule)
' Update the ACL. This requires
' EventWaitHandleRights.ChangePermissions.
ewh.SetAccessControl(ewhSec)
Console.WriteLine("Updated event security.")
' Open the event with (EventWaitHandleRights.Synchronize
' Or EventWaitHandleRights.Modify), the rights required
' to wait on and signal the event.
'
ewh = EventWaitHandle.OpenExisting(ewhName)
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unable to change permissions: {0}", _
ex.Message)
Return
End Try
End If
' Wait on the event, and hold it until the program
' exits.
'
Try
Console.WriteLine("Wait on the event.")
ewh.WaitOne()
Console.WriteLine("Event was signaled.")
Console.WriteLine("Press the Enter key to signal the event and exit.")
Console.ReadLine()
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", _
ex.Message)
Finally
ewh.Set()
End Try
End Sub
End Class
Комментарии
Пользователь должен иметь EventWaitHandleRights.ChangePermissions права на вызов этого метода, и событие должно быть открыто с флагом EventWaitHandleRights.ChangePermissions .