locked
Vista duplicatesocket between user service and LocalSystem service RRS feed

  • Question

  • Hi,

    I want to duplicate a tcp socket from process A (running as service with  user1 identity) to Process B (running as service with LocalSystem identity). I am getting 10022 error in process A. WSADuplcaiteSocket errors out. I have given duplicate socket privilages user1 from process B. Verified it by right click -> properties from process monitor.

    It looks like its because of integrity levels, please confirm. http://msdn.microsoft.com/en-us/library/bb625962.aspx .

    can send sample program if required..

    -vas
    Thursday, September 16, 2010 11:10 AM

All replies

  • I have even tried to reduce the integrity level of process B  to High from System programmatically. Even after doing this I am not able to duplicate socket from Process A...


      if (OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken))
      {
      CHAR wszIntegritySid[20] = "HI";  
        {
          if (ConvertStringSidToSidA(wszIntegritySid, &pIntegritySid))
          {
            TIL.Label.Attributes = SE_GROUP_INTEGRITY;
            TIL.Label.Sid = pIntegritySid;
            // Set the process integrity level
            if (SetTokenInformation(hToken, TokenIntegrityLevel, &TIL,
                sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid)))
                {
                   fprintf(f, "set token info success\n");
                }
            LocalFree(pIntegritySid);
          }
          CloseHandle(hNewToken);
        }
        
      CloseHandle(hToken);
      }

    Thursday, September 16, 2010 11:13 AM