Board index » cppbuilder » IPC mechanisms in XP / Vista

IPC mechanisms in XP / Vista


2008-03-28 07:58:18 PM
cppbuilder13
Hi all, first off, thanks for all the great replies to my Service question -
got me started without wasting too much time on R&D.
This ones a bit of a long shot but I'll ask anyway. I'm trying to establish
an IPC process between a service (TService) and a process on the users
desktop. I have an existing IPC system (written by a 3rd party) which works
fine for my basic needs.
However, I want to try and determine if the calling desktop process is
infact my client and not a spoof / rouge application, mimicking the same IPC
traffic. The system that I'm currently using does not offer such feature,
nor do any of the standard systems that I see available in Windows
(mailshots, named pipes, memory mapped files, sockets). None of these
systems seem to provide a handle or other identifying object to the calling
process.
I'd started to look at a system of doing some sort of hand-shake and key
exchange (using RC5) when my IPC comms are first initialised but seems a bit
pointless because it is possible to debug the client and look at this
arbitration.
Any thoughts, suggestions or pointers would be greatly welcomed,
Many many thanks again,
Mike Collins...
 
 

Re:IPC mechanisms in XP / Vista

"Mike Collins" <its@TheBottomOfThePost>wrote in message
Quote
However, I want to try and determine if the calling desktop
process is infact my client and not a spoof / rouge application,
mimicking the same IPC traffic.
There is no way to do that at the API level. The OS does not provide that
kind of information.
Quote
I'd started to look at a system of doing some sort of hand-shake
and key exchange (using RC5) when my IPC comms are
first initialised
That is what you will have to do.
Quote
but seems a bit pointless because it is possible to debug the
client and look at this arbitration.
Use strong encryption to encrypt the communications.
Gambit
 

Re:IPC mechanisms in XP / Vista

Hay remy,
Once again, thanks for the confirmation - thats pretty much what i had
concluded, but i just wanted to make sure that i hadn't missed something.
One option that i was seriously considering is using CreateProcesAsUser() to
launch the client process. As least this way i can pre pretty sure that the
process is the correct client, and then use the RC5 key managament and, as
you say, strong encryption.
P.S. You seem to get around - just noticed your post to my question on
microsoft.public.win32.programmer.kernal.
Cheers,
Mike
 

{smallsort}