Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

API Proposal: Add pipe creation extension methods that take an ACL #41657

Closed
JeremyKuhne opened this issue Oct 8, 2019 · 5 comments
Closed

API Proposal: Add pipe creation extension methods that take an ACL #41657

JeremyKuhne opened this issue Oct 8, 2019 · 5 comments

Comments

@JeremyKuhne
Copy link
Member

@JeremyKuhne JeremyKuhne commented Oct 8, 2019

Summary

Similar to #41614, we don't currently have a way to create a pipe with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the pipe from the start.

The Pipe ACL PipeSecurity is already exposed in the System.IO.Pipes assembly , we should add creation extension methods to the existing PipesAclExtensions.

Proposal

Add the following two creation methods to the existing PipesAclExtensions class in the System.IO.Pipes assembly:

namespace System.IO.Pipes
{
    public static class PipesAclExtensions
    {
        // Add
        public AnonymousPipeServerStream CreateAnonymousPipeServerStream(
            this PipeSecurity pipeSecurity
            PipeDirection direction,
            HandleInheritability inheritability,
            int bufferSize);

        public NamedPipeServerStream CreateNamedPipeServerStream(
            this PipeSecurity pipeSecurity
            string pipeName,
            PipeDirection direction,
            int maxNumberOfServerInstances,
            PipeTransmissionMode transmissionMode,
            PipeOptions options,
            int inBufferSize,
            int outBufferSize,
            HandleInheritability inheritability = HandleInheritability.None,
            PipeAccessRights additionalAccessRights = default);

        // Existing
        public static PipeSecurity GetAccessControl(this PipeStream stream);
        public static void SetAccessControl(this PipeStream stream, PipeSecurity pipeSecurity);
    }
}

Details

Since these are already in the same assembly as the modified types it should be pretty straight-forward to implement.

Related Issues

#41614 API Proposal: Add file and directory creation methods that take an ACL

CC: @danmosemsft, @ericstj, @terrajobst

@terrajobst

This comment has been minimized.

Copy link
Member

@terrajobst terrajobst commented Oct 10, 2019

Video

We should not make them extension methods. We should follow the other pattern and create new static types suffixed with Acl:

namespace System.IO.Pipes
{
    public static class AnonymousPipeServerStreamAcl
    {
        public static AnonymousPipeServerStream Create(
            PipeDirection direction,
            HandleInheritability inheritability,
            int bufferSize,
            PipeSecurity pipeSecurity);
    }

    public static class NamedPipeServerStreamAcl
    {
        public static NamedPipeServerStream Create(
            string pipeName,
            PipeDirection direction,
            int maxNumberOfServerInstances,
            PipeTransmissionMode transmissionMode,
            PipeOptions options,
            int inBufferSize,
            int outBufferSize,
            PipeSecurity pipeSecurity,
            HandleInheritability inheritability = HandleInheritability.None,
            PipeAccessRights additionalAccessRights = default);
    }
}
@TonyValenti

This comment has been minimized.

Copy link

@TonyValenti TonyValenti commented Oct 14, 2019

Definitely excited to see the work on this. Really looking forward to it being completed!

carlossanlop added a commit to dotnet/runtime that referenced this issue Nov 19, 2019
Add AnonymousPipeServerStream method that takes an ACL

The original corefx PR was already signed off, but the CI did not finish on time before the 5pm deadline: dotnet/corefx#42392

Approved API proposal: dotnet/corefx#41657

We don't currently have a way to create a pipe with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the pipe from the start.

This PR adds a new static class and method that can create an AnonymousPipeServerStream taking a PipeSecurity object, reusing code that can already perform this task.
carlossanlop added a commit to dotnet/runtime that referenced this issue Dec 2, 2019
Add NamedPipeServerStream method that takes an ACL

Approved API proposal: dotnet/corefx#41657

We don't currently have a way to create a pipe with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the pipe from the start.

This PR adds a new static class and method that can create an NamedPipeServerStream taking a PipeSecurity object, reusing code that can already perform this task.
@carlossanlop

This comment has been minimized.

Copy link
Member

@carlossanlop carlossanlop commented Dec 3, 2019

Fixed with dotnet/runtime#317

@TonyValenti

This comment has been minimized.

Copy link

@TonyValenti TonyValenti commented Dec 4, 2019

I'm super excited the work on this has been complete! Do you have an ETA on a release date?

@carlossanlop

This comment has been minimized.

Copy link
Member

@carlossanlop carlossanlop commented Dec 6, 2019

@TonyValenti it's targeted for 5.0. You can always consume a nightly build or a preview to test these new APIs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.