security and pipes explained

Giganews Newsgroups
Subject: security and pipes explained
Posted by:  Markus Humm (markus.hum…@freenet.de)
Date: Sun, 22 Oct 2006

Hello,

sorry for posting to more than one group, but I simply don't know
exactly which one would be suited best, since it involves programming
and bvasic explanation (from a security administration point of view) of
that topic as well

I'm a win32 developper but new to security related things in Win32.
I've a server and a client application where the server sets up a named
pipe and writes some importand value for the client to it if the client
connects.

I've two PCs to test with, one in on our company network, that it within
a domain and has a 2nd network card. The other PC (both XP prof.) is on
a private peer to peer network connected to the 2nd NIC of the first PC.
If he (the 2nd PC) is the server I can connect from the domain member PC
to it with my client. If the domain member is to be the server the other
can't connect. He doesn't see the pipe I think because he can't
authenticate properly or so.

Who can explain this security topic to me in such a detail that I can
understand it? When creating the pipe I can assign either no security
attributes (so it inherits the ones of the app. I think) or I can
specify a NULL security entry which, according to MSDN should give
access to everybody, but that's a lie! I can't connect then as well if
the domain member PC is going to be the server.

It also doesn't work if both, server and client, sit on PCs which belong
to the domain. The non domain member PC is currently configured nearly
as open as I can imagine (allowing nearly all access). I want to be able
to change this, but I fear to break the pipe access then.

Greetings

Markus

Replies