locked
OpenEvent from hook running in metro app throws access denied RRS feed

  • Question

  • There are few win32 api that are supported in windows store apps (metro).  Few among them are CreateEventEx, OpenEvent, SetEvent etc.

    I am trying to communicate between a desktop app and a metro app through win32 Events.  The metro app is hooked and from within the hook code an event created by the desktop app is being opened.  OpenEvent returns null with GetLastError() returning 5, access denied.  I have tried various options for the security description during CreateEventEx with no luck.  I have tried creating event in the global namespace (Global\EventName) also.

    What I want to find out is if this is possible at all?

    Code snippet for security descriptor is...

    DWORD dwRes, dwDisposition;
    PSID pEveryoneSID = NULL, pAdminSID = NULL;
    PACL pACL = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    EXPLICIT_ACCESS ea[1];
    SID_IDENTIFIER_AUTHORITY SIDAuthWorld =
    SECURITY_WORLD_SID_AUTHORITY;
    SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
    SECURITY_ATTRIBUTES sa;
    LONG lRes;
    HKEY hkSub = NULL;

    // Create a well-known SID for the Everyone group.
    AllocateAndInitializeSid(&SIDAuthWorld, 1,
    SECURITY_WORLD_RID,
    0, 0, 0, 0, 0, 0, 0,
    &pEveryoneSID);

    // Initialize an EXPLICIT_ACCESS structure for an ACE.
    // The ACE will allow Everyone read access to the key.
    ZeroMemory(&ea, 1 * sizeof(EXPLICIT_ACCESS));
    ea[0].grfAccessPermissions = MAXIMUM_ALLOWED;
    ea[0].grfAccessMode = SET_ACCESS;
    ea[0].grfInheritance = NO_INHERITANCE;
    ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
    ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
    ea[0].Trustee.ptstrName = (LPTSTR)pEveryoneSID;

    // Create a new ACL that contains the new ACEs.
    dwRes = SetEntriesInAcl(1, ea, NULL, &pACL);

    // Initialize a security descriptor.  
    pSD = (PSECURITY_DESCRIPTOR)LocalAlloc(LPTR,
    SECURITY_DESCRIPTOR_MIN_LENGTH);

    InitializeSecurityDescriptor(pSD,
    SECURITY_DESCRIPTOR_REVISION);

    // Add the ACL to the security descriptor. 
    SetSecurityDescriptorDacl(pSD,
    FALSE,     // bDaclPresent flag   (this would give complete access)
    pACL,
    FALSE);

    // Initialize a security attributes structure.
    sa.nLength = sizeof (SECURITY_ATTRIBUTES);
    sa.lpSecurityDescriptor = pSD;
    sa.bInheritHandle = TRUE;

    HANDLE hEventQ = CreateEventEx(&sa, TEXT("Global\\EventName"), 0, EVENT_ALL_ACCESS);

    Friday, December 5, 2014 11:17 AM

Answers

All replies

  • This can't be done.  You can do the following with Windows 8.1 Update to do IPC between a desktop and Windows Store App.

    Brokered Windows Runtime Components for side-loaded Windows Store apps

    http://msdn.microsoft.com/en-us/library/windows/apps/dn630195.aspx

    thanks

    Frank K[MSFT]

    • Marked as answer by IndTech Thursday, December 18, 2014 6:32 AM
    Tuesday, December 9, 2014 4:54 AM
  • Thanks Frank for sharing details on Brokered Windows Runtime Components.  I had come across it before but find way too complex (should admit I haven't understood it well).

    OpenEvent/SetEvent are being called in the context of C++ dll which runs as an accessibility component in the address space of the windows store/metro app.  It would have been great if that worked, as its simple.

    Is there any other alternative?

    Wednesday, December 17, 2014 6:06 AM
  • No. 

    Windows Store Apps run in their own *sand box* and we don't want applications to easily break out of this or there wouldn't be any point.

    thanks

    Frank K [MSFT]

    Thursday, December 18, 2014 2:44 AM
  • Thanks Frank.  Appreciate your help.
    Thursday, December 18, 2014 6:32 AM