2009-12-16 00:36:24 UTC
I am creating an event in a global namespace from within a service. The
event is supposed to be accessed (set) by some other processes that
might be running under different credentials in different sessions, so
during its creation I add following DACL: "D:(A;NP;GRGW;;;WD)" to its
security descriptor (read and write access for Everyone). This is
supposed to ensure other processes have rights to open it for read and
On pre vista OSes it used to be working, on Vista it works too but not
for every process. For some processes OpenEvent(EVENT_MODIFY_STATE,...)
fails with GetLastError() returning 5 (ERROR_ACCESS_DENIED).
I have no idea what might be causing this and where to look now. Is
there any additional security mechanism in Vista that can override
security descriptor of an object?