Mutex.SetAccessControl(MutexSecurity) 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
设置已命名的系统互斥体的访问控制安全性。
public:
void SetAccessControl(System::Security::AccessControl::MutexSecurity ^ mutexSecurity);public void SetAccessControl (System.Security.AccessControl.MutexSecurity mutexSecurity);member this.SetAccessControl : System.Security.AccessControl.MutexSecurity -> unitPublic Sub SetAccessControl (mutexSecurity As MutexSecurity)参数
- mutexSecurity
- MutexSecurity
一个 MutexSecurity 对象,表示应用于已命名的系统互斥体的访问控制安全性。
例外
mutexSecurity 为 null。
当前 Mutex 对象不表示已命名的系统互斥体。
示例
下面的代码示例演示具有访问控制安全性的命名互斥体的跨进程行为。 该示例使用 OpenExisting(String) 方法重载来测试是否存在命名互斥体。
如果互斥体不存在,则会使用初始所有权和访问控制安全性创建该互斥体,以拒绝当前用户使用该互斥体的权限,但授予对互斥体的读取和更改权限的权限。
如果从两个命令窗口运行编译的示例,则第二个副本将在调用 OpenExisting(String)时引发访问冲突异常。 捕获异常,该示例使用 OpenExisting(String, MutexRights) 和 方法重载打开具有读取和更改权限GetAccessControlSetAccessControl所需的权限的互斥体。
更改权限后,将打开互斥体,并具有输入和释放它所需的权限。 如果从第三个命令窗口运行编译的示例,它将使用新权限运行。
using namespace System;
using namespace System::Threading;
using namespace System::Security::AccessControl;
using namespace System::Security::Permissions;
public ref class Example
{
public:
[SecurityPermissionAttribute(SecurityAction::Demand,Flags=SecurityPermissionFlag::UnmanagedCode)]
static void Main()
{
String^ mutexName = L"MutexExample4";
Mutex^ m = nullptr;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the mutex
// constructor. It is true if the named system mutex was
// created, and false if the named mutex already existed.
//
bool mutexWasCreated = false;
// Attempt to open the named mutex.
try
{
// Open the mutex with (MutexRights.Synchronize |
// MutexRights.Modify), to enter and release the
// named mutex.
//
m = Mutex::OpenExisting( mutexName );
}
catch ( WaitHandleCannotBeOpenedException^ )
{
Console::WriteLine( L"Mutex does not exist." );
doesNotExist = true;
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}", ex->Message );
unauthorized = true;
}
// There are three cases: (1) The mutex does not exist.
// (2) The mutex exists, but the current user doesn't
// have access. (3) The mutex exists and the user has
// access.
//
if ( doesNotExist )
{
// The mutex does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to enter or release the
// mutex, but allows the right to read and change
// security information for the mutex.
//
String^ user = String::Concat( Environment::UserDomainName, L"\\",
Environment::UserName );
MutexSecurity^ mSec = gcnew MutexSecurity;
MutexAccessRule^ rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Deny );
mSec->AddAccessRule( rule );
rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::ReadPermissions |
MutexRights::ChangePermissions),
AccessControlType::Allow );
mSec->AddAccessRule( rule );
// Create a Mutex object that represents the system
// mutex named by the constant 'mutexName', with
// initial ownership for this thread, and with the
// specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in mutexWasCreated.
//
m = gcnew Mutex( true,mutexName, mutexWasCreated,mSec );
// If the named system mutex was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the mutex. Otherwise, exit the program.
//
if ( mutexWasCreated )
{
Console::WriteLine( L"Created the mutex." );
}
else
{
Console::WriteLine( L"Unable to create the mutex." );
return;
}
}
else if ( unauthorized )
{
// Open the mutex to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
m = Mutex::OpenExisting( mutexName,
static_cast<MutexRights>(
MutexRights::ReadPermissions |
MutexRights::ChangePermissions) );
// Get the current ACL. This requires
// MutexRights.ReadPermissions.
MutexSecurity^ mSec = m->GetAccessControl();
String^ user = String::Concat( Environment::UserDomainName,
L"\\", Environment::UserName );
// First, the rule that denied the current user
// the right to enter and release the mutex must
// be removed.
MutexAccessRule^ rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Deny );
mSec->RemoveAccessRule( rule );
// Now grant the user the correct rights.
//
rule = gcnew MutexAccessRule( user,
static_cast<MutexRights>(
MutexRights::Synchronize |
MutexRights::Modify),
AccessControlType::Allow );
mSec->AddAccessRule( rule );
// Update the ACL. This requires
// MutexRights.ChangePermissions.
m->SetAccessControl( mSec );
Console::WriteLine( L"Updated mutex security." );
// Open the mutex with (MutexRights.Synchronize
// | MutexRights.Modify), the rights required to
// enter and release the mutex.
//
m = Mutex::OpenExisting( mutexName );
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine(
L"Unable to change permissions: {0}", ex->Message );
return;
}
}
// If this program created the mutex, it already owns
// the mutex.
//
if ( !mutexWasCreated )
{
// Enter the mutex, and hold it until the program
// exits.
//
try
{
Console::WriteLine( L"Wait for the mutex." );
m->WaitOne();
Console::WriteLine( L"Entered the mutex." );
}
catch ( UnauthorizedAccessException^ ex )
{
Console::WriteLine( L"Unauthorized access: {0}",
ex->Message );
}
}
Console::WriteLine( L"Press the Enter key to exit." );
Console::ReadLine();
m->ReleaseMutex();
m->Dispose();
}
};
int main()
{
Example::Main();
}
using System;
using System.Threading;
using System.Security.AccessControl;
internal class Example
{
internal static void Main()
{
const string mutexName = "MutexExample4";
Mutex m = null;
bool doesNotExist = false;
bool unauthorized = false;
// The value of this variable is set by the mutex
// constructor. It is true if the named system mutex was
// created, and false if the named mutex already existed.
//
bool mutexWasCreated = false;
// Attempt to open the named mutex.
try
{
// Open the mutex with (MutexRights.Synchronize |
// MutexRights.Modify), to enter and release the
// named mutex.
//
m = Mutex.OpenExisting(mutexName);
}
catch(WaitHandleCannotBeOpenedException)
{
Console.WriteLine("Mutex does not exist.");
doesNotExist = true;
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
unauthorized = true;
}
// There are three cases: (1) The mutex does not exist.
// (2) The mutex exists, but the current user doesn't
// have access. (3) The mutex exists and the user has
// access.
//
if (doesNotExist)
{
// The mutex does not exist, so create it.
// Create an access control list (ACL) that denies the
// current user the right to enter or release the
// mutex, but allows the right to read and change
// security information for the mutex.
//
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
var mSec = new MutexSecurity();
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Deny);
mSec.AddAccessRule(rule);
rule = new MutexAccessRule(user,
MutexRights.ReadPermissions | MutexRights.ChangePermissions,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Create a Mutex object that represents the system
// mutex named by the constant 'mutexName', with
// initial ownership for this thread, and with the
// specified security access. The Boolean value that
// indicates creation of the underlying system object
// is placed in mutexWasCreated.
//
m = new Mutex(true, mutexName, out mutexWasCreated, mSec);
// If the named system mutex was created, it can be
// used by the current instance of this program, even
// though the current user is denied access. The current
// program owns the mutex. Otherwise, exit the program.
//
if (mutexWasCreated)
{
Console.WriteLine("Created the mutex.");
}
else
{
Console.WriteLine("Unable to create the mutex.");
return;
}
}
else if (unauthorized)
{
// Open the mutex to read and change the access control
// security. The access control security defined above
// allows the current user to do this.
//
try
{
m = Mutex.OpenExisting(mutexName,
MutexRights.ReadPermissions | MutexRights.ChangePermissions);
// Get the current ACL. This requires
// MutexRights.ReadPermissions.
MutexSecurity mSec = m.GetAccessControl();
string user = Environment.UserDomainName + "\\"
+ Environment.UserName;
// First, the rule that denied the current user
// the right to enter and release the mutex must
// be removed.
MutexAccessRule rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Deny);
mSec.RemoveAccessRule(rule);
// Now grant the user the correct rights.
//
rule = new MutexAccessRule(user,
MutexRights.Synchronize | MutexRights.Modify,
AccessControlType.Allow);
mSec.AddAccessRule(rule);
// Update the ACL. This requires
// MutexRights.ChangePermissions.
m.SetAccessControl(mSec);
Console.WriteLine("Updated mutex security.");
// Open the mutex with (MutexRights.Synchronize
// | MutexRights.Modify), the rights required to
// enter and release the mutex.
//
m = Mutex.OpenExisting(mutexName);
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unable to change permissions: {0}",
ex.Message);
return;
}
}
// If this program created the mutex, it already owns
// the mutex.
//
if (!mutexWasCreated)
{
// Enter the mutex, and hold it until the program
// exits.
//
try
{
Console.WriteLine("Wait for the mutex.");
m.WaitOne();
Console.WriteLine("Entered the mutex.");
}
catch(UnauthorizedAccessException ex)
{
Console.WriteLine("Unauthorized access: {0}", ex.Message);
}
}
Console.WriteLine("Press the Enter key to exit.");
Console.ReadLine();
m.ReleaseMutex();
m.Dispose();
}
}
Imports System.Threading
Imports System.Security.AccessControl
Friend Class Example
<MTAThread> _
Friend Shared Sub Main()
Const mutexName As String = "MutexExample4"
Dim m As Mutex = Nothing
Dim doesNotExist as Boolean = False
Dim unauthorized As Boolean = False
' The value of this variable is set by the mutex
' constructor. It is True if the named system mutex was
' created, and False if the named mutex already existed.
'
Dim mutexWasCreated As Boolean
' Attempt to open the named mutex.
Try
' Open the mutex with (MutexRights.Synchronize Or
' MutexRights.Modify), to enter and release the
' named mutex.
'
m = Mutex.OpenExisting(mutexName)
Catch ex As WaitHandleCannotBeOpenedException
Console.WriteLine("Mutex does not exist.")
doesNotExist = True
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", ex.Message)
unauthorized = True
End Try
' There are three cases: (1) The mutex does not exist.
' (2) The mutex exists, but the current user doesn't
' have access. (3) The mutex exists and the user has
' access.
'
If doesNotExist Then
' The mutex does not exist, so create it.
' Create an access control list (ACL) that denies the
' current user the right to enter or release the
' mutex, but allows the right to read and change
' security information for the mutex.
'
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
Dim mSec As New MutexSecurity()
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Deny)
mSec.AddAccessRule(rule)
rule = New MutexAccessRule(user, _
MutexRights.ReadPermissions Or _
MutexRights.ChangePermissions, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Create a Mutex object that represents the system
' mutex named by the constant 'mutexName', with
' initial ownership for this thread, and with the
' specified security access. The Boolean value that
' indicates creation of the underlying system object
' is placed in mutexWasCreated.
'
m = New Mutex(True, mutexName, mutexWasCreated, mSec)
' If the named system mutex was created, it can be
' used by the current instance of this program, even
' though the current user is denied access. The current
' program owns the mutex. Otherwise, exit the program.
'
If mutexWasCreated Then
Console.WriteLine("Created the mutex.")
Else
Console.WriteLine("Unable to create the mutex.")
Return
End If
ElseIf unauthorized Then
' Open the mutex to read and change the access control
' security. The access control security defined above
' allows the current user to do this.
'
Try
m = Mutex.OpenExisting(mutexName, _
MutexRights.ReadPermissions Or _
MutexRights.ChangePermissions)
' Get the current ACL. This requires
' MutexRights.ReadPermissions.
Dim mSec As MutexSecurity = m.GetAccessControl()
Dim user As String = Environment.UserDomainName _
& "\" & Environment.UserName
' First, the rule that denied the current user
' the right to enter and release the mutex must
' be removed.
Dim rule As New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Deny)
mSec.RemoveAccessRule(rule)
' Now grant the user the correct rights.
'
rule = New MutexAccessRule(user, _
MutexRights.Synchronize Or MutexRights.Modify, _
AccessControlType.Allow)
mSec.AddAccessRule(rule)
' Update the ACL. This requires
' MutexRights.ChangePermissions.
m.SetAccessControl(mSec)
Console.WriteLine("Updated mutex security.")
' Open the mutex with (MutexRights.Synchronize
' Or MutexRights.Modify), the rights required to
' enter and release the mutex.
'
m = Mutex.OpenExisting(mutexName)
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unable to change permissions: {0}", _
ex.Message)
Return
End Try
End If
' If this program created the mutex, it already owns
' the mutex.
'
If Not mutexWasCreated Then
' Enter the mutex, and hold it until the program
' exits.
'
Try
Console.WriteLine("Wait for the mutex.")
m.WaitOne()
Console.WriteLine("Entered the mutex.")
Catch ex As UnauthorizedAccessException
Console.WriteLine("Unauthorized access: {0}", _
ex.Message)
End Try
End If
Console.WriteLine("Press the Enter key to exit.")
Console.ReadLine()
m.ReleaseMutex()
m.Dispose()
End Sub
End Class
注解
用户必须有权 MutexRights.ChangePermissions 调用此方法,并且互斥体必须已使用 MutexRights.ChangePermissions打开。
注意
在 .NET Core 和 .NET 5+ 中,等效的 方法是 SetAccessControl。
