Sunday, January 20, 2008

DuplicateHandle and Access Mask.

In the DuplicateHandle MSDN documentation there is not a lot of information about the Access Mask that can be passed to DuplicateHandle.

What happens if you ask for MAXIMUM_ALLOWED?

The function succeeds, but the handle created does not have any granted access. This is not really useful.

Not all object types support the same flags in an access mask, what happens if you specify a mask that contains invalid flags?

It depends...

The function fails if you use any of these flags:

0x00200000 = Unused standard right
0x00400000 = Unused standard right
0x00800000 = Unused standard right
0x01000000 = ACCESS_SYSTEM_SECURITY [You need a privilege]
0x04000000 = Reserved
0x08000000 = Reserved

But if you don't, any other invalid flags are ignored and the call succeeds. The granted access is the union of all the valid flags present in the mask. It also means that if you duplicate the handle using invalid flags only, the handle will be created without any granted access.

That said, in my previous post I talked about why you should not use PROCESS_ALL_ACCESS anymore on Windows XP. This is not true for the DuplicateHandle call, you can still use it since the new flag 0xF000 will be ignored on previous version of the OS.

1 comment:

Gentil Kiwi said...

Thank's for this precious help !