Hi, Julián
Thank you very much for your help. I’ve read the document you sent carefully, I think the security descriptor should be the correct answer for me.
My original configuration is
HKR,Security,“D:P(A;;GA;;;SY)(A;;GA;;;BA)” ; Allow generic all access to system and built-in Admin.
and now I change it as follow, to grant read/write/executable permissions to everyone
HKR,Security,“D:P(A;;GA;;;SY)(A;;GA;;;BA)(A;;GRGWGX;;;WD)”
But it’s still not working, CreateFile returns -1 and GetLastError is 5, means “Access denied”.
g_deviceInfo.m_hDevice = CreateFile(g_deviceInfo.m_pDeviceInterfaceDetail->DevicePath,
GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE,
NULL,
OPEN_EXISTING,
FILE_FLAG_OVERLAPPED,
NULL);
DWORD reslut = GetLastError();
Is there any other place need to modify?
xxxxx@sina.com
From: xxxxx@gmail.com
Date: 2017-12-20 21:42
To: Windows System Software Devs Interest List
Subject: Re: [ntdev] Does only with administrator privileges to open a device?
Hi,
It depends on the security descriptor. I think the most common ways to set this descriptor for your device is via INF file or programatically via IoCreateDeviceSecure.
More here: https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/controlling-device-access
Julián
El El mié, 20 dic 2017 a las 14:26, xxxxx@sina.com escribió:
Hi, all
I learned to drive for a short while, but I always had a question: does only with administrator privileges to open a divece.
In the driver samples offerd by WDK, they use SetupAPI to get a device name, SetupDiGetDeviceInterfaceDetail
and then use CreateFile to get a device hadle.
This operation requires administrator privileges, but I think this constraint must be too strong. I think there should be another way
through non-administrator privileges can be opened, but google tells me no answer
Thanks
xxxxx@sina.com
—
NTDEV is sponsored by OSR
Visit the list online at: http:
MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers!
Details at http:
To unsubscribe, visit the List Server section of OSR Online at http:
— NTDEV is sponsored by OSR Visit the list online at: MONTHLY seminars on crash dump analysis, WDF, Windows internals and software drivers! Details at To unsubscribe, visit the List Server section of OSR Online at</http:></http:></http:>