Can a low integrity process create a named mutant object?

0

I'm trying to create a new named mutant from a low integrity process. This code works great in a high integrity process, but fails at low and medium integrity.

RtlInitUnicodeString(&Name, L"\\MutantName");
InitializeObjectAttributes(&Attr, &Name, OBJ_INHERIT | OBJ_OPENIF, NULL, NULL);
NTStatus = NtCreateMutant(&Mutant, MUTANT_ALL_ACCESS, &Attr, 0);

I'm getting NTStatus = ERROR_ACCESS_DENIED (0xc0000022).

Is it possible to create a mutant from a low integrity process? If yes, does anyone know what I am doing wrong? Thanks!

windows
winapi
synchronization
mutex
asked on Stack Overflow May 11, 2017 by macro_controller • edited May 11, 2017 by macro_controller

1 Answer

2

A Low Integrity process can create objects only in an object directory that has a Low Mandatory label. The root object directory does not have this label. \BaseNamedObjects does, so you can create your mutant in there from a Low Integrity process:

RtlInitUnicodeString(&Name, L"\\BaseNamedObjects\\MutantName");
answered on Stack Overflow May 11, 2017 by RbMm • edited May 11, 2017 by Remy Lebeau
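
The rule in the answer above, sketched as an added example (not code from the question, the answer or Windows itself): a portable C model that reads the mandatory label ACE from a directory's SDDL string and applies the no-write-up check to a caller's integrity level. The two descriptors are constructed samples and the function names are hypothetical; treating an unlabeled object as Medium with no-write-up is the documented Windows default, and the DACL check is not modelled.

```c
#include <string.h>

/* Models only the mandatory-label (no-write-up) check; the DACL check that
   Windows also applies is out of scope. Names here are hypothetical. */
enum il { IL_NONE, IL_LOW, IL_MEDIUM, IL_HIGH, IL_SYSTEM };

/* Constructed sample descriptors, not dumped from a real system. */
static const char UNLABELED_DIR[] = "D:(A;;GA;;;SY)";                /* no ML ACE */
static const char LOW_LABEL_DIR[] = "D:(A;;GA;;;SY)S:(ML;;NW;;;LW)"; /* Low label */

/* Map an SDDL integrity SID abbreviation to a level. */
static enum il il_from_sddl(const char *s, size_t n) {
    static const char *abbr[] = { "", "LW", "ME", "HI", "SI" };
    for (int i = 1; n == 2 && i <= 4; i++)
        if (!memcmp(s, abbr[i], 2)) return (enum il)i;
    return IL_NONE;
}

/* Parse the first "(ML;flags;policy;;;sid)" ACE. Returns 1 and fills the
   outputs, 0 if there is no label ACE, -1 if the ACE is malformed. */
int parse_label(const char *sddl, enum il *level, int *no_write_up) {
    const char *ace = strstr(sddl, "(ML;"), *end, *p, *f[6];
    size_t len[6];
    int i = 0;
    if (!ace) return 0;
    if (!(end = strchr(ace, ')'))) return -1;
    for (p = f[0] = ace + 1; ; p++) {
        if (*p != ';' && p != end) continue;
        len[i] = (size_t)(p - f[i]);
        if (p == end) break;
        if (++i == 6) return -1;          /* too many fields */
        f[i] = p + 1;
    }
    if (i != 5 || !(*level = il_from_sddl(f[5], len[5]))) return -1;
    *no_write_up = 0;
    for (size_t k = 0; k + 1 < len[2]; k += 2)   /* policy is 2-letter codes */
        if (!memcmp(f[2] + k, "NW", 2)) *no_write_up = 1;
    return 1;
}

/* 1 if a caller at `caller` passes the label check for creating an object in
   the directory, 0 if denied, -1 if the descriptor is malformed. */
int can_create_in(const char *dir_sddl, enum il caller) {
    enum il level = IL_MEDIUM;   /* unlabeled objects are treated as Medium */
    int nwu = 1;                 /* with no-write-up in effect */
    if (parse_label(dir_sddl, &level, &nwu) < 0) return -1;
    return !(nwu && caller < level);
}
```

A result of 1 means only that the integrity label does not block the create; the directory's DACL can still deny it.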

User contributions licensed under CC BY-SA 3.0