API Proposal: Add Mutex, Semaphore, and EventWaitHandle creation extension methods that take an ACL #31114
Assignees
Labels
api-approved
API was approved in API review, it can be implemented
area-System.Threading
os-windows
Security
Milestone
Comments
|
We should not make them extension methods. We should follow the other pattern and create new static types suffixed with namespace System.Threading
{
public static class EventWaitHandleAcl
{
public static EventWaitHandle Create(
bool initialState,
EventResetMode mode,
string name,
out bool createdNew,
EventWaitHandleSecurity eventSecurity);
}
public static class MutexAcl
{
public static Mutex Create(
bool initiallyOwned,
string name,
out bool createdNew,
MutexSecurity mutexSecurity);
}
public static class SemaphoreAcl
{
public static Semaphore Create(
int initialCount,
int maximumCount,
string name,
out bool createdNew,
SemaphoreSecurity semaphoreSecurity);
}
} |
carlossanlop
referenced
this issue
in dotnet/corefx
Nov 7, 2019
Approved API Proposal: #41662 Description We don't currently have a way to create a Mutex with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the object from the start. Customer impact Before this change, customers had to create a Mutex, then set its ACLs. This presents a few problems: Potential security hole as mutexes can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement This change addresses those problems by adding a new extension method that allows creating a Mutex and ensuring the provided ACLs are set during creation.
carlossanlop
referenced
this issue
in dotnet/corefx
Nov 8, 2019
Approved API Proposal: #41662 Description We don't currently have a way to create a Semaphore with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the object from the start. Customer impact Before this change, customers had to create a Semaphore, then set its ACLs. This presents a few problems: - Potential security hole as semaphores can be accessed between creation and modification. - Porting difficulties as there isn't a 1-1 API replacement This change addresses those problems by adding a new extension method that allows creating a Semaphore and ensuring the provided ACLs are set during creation.
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Summary
Similar to #31095, we don't currently have a way to create a synchronization object with a given ACL in .NET Core. We can modify the ACL, but it would be more secure to have the proper ACL on the object from the start.
The related ACLs are already exposed in the
System.Threading.AccessControlassembly , we should add creation extension methods to the existingThreadingAclExtensions.Proposal
Add the following three creation methods to the existing
ThreadingAclExtensionsclass in theSystem.Threading.AccessControlassembly:Details
These primitives live in CoreLib.
We can not support creating unnamed objects without adding new constructors to the types. With names, we can create and then call the open existing methods. If we want to support unnamed I would suggest we add new
OpenExisting()overloads that take the handle that our extension methods create. It may not be critical as you need the handle to the unnamed object, so discrete ACL setting should be ok...Related Issues
#31095 API Proposal: Add file and directory creation methods that take an ACL
CC: @danmosemsft, @ericstj, @terrajobst, @kouvel
The text was updated successfully, but these errors were encountered: