New question on PostThreadMessage & shared memory
I tried the functionality of PostThreadMessage and mapping file (shared memory)on a console test harness and they work fine.

However, when I copy my testing code to an NT service, both of them seem no longer work.

Should PostThreadMessage work with an NT service?
Thanks

What is the value of GetLastError() for the postthreadmessage call? It might be this caveat...


Windows 2000/XP: This thread must either belong to the same desktop as the calling thread or to a process with the same LUID. Otherwise, the function fails and returns ERROR_INVALID_THREAD_ID.

I only tested on Win2K.

Shared Memory: It seems creating shared memory is OK. However, if a client application tries to open that shared memory, the error is ERROR_ACCESS_DENIED. Note that the client application runs with the local admin's previlege and the NT service runs as default system account.


Windows Message: The service has no error but cannot get Windows message, while the client application get "invalid thread ID" when using PostThreadMessage().


The typical question is: How can I write a client which will run as a local user and talking to a running NT service without using "network" IPC such as winsock, pipe, and DCOM?


Thanks,

cyberninja

can you show the code you use, preferably the console app code that works for you. If you want to post the full service code that's fine also...

Thanks Mick,

I will post a simple sample for shared memory later on.


Some other articles in codeguru say that since NT service does not own a window, the windows message will not work. Is that true? If so, can I create an hidden window in NT service to make the windows message queue work?

Well it kinda depends on what you are doing, that's why I'd like to see it.

See the remarks section...

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/winui/WinUI/WindowsUserInterface/Windowing/MessagesandMessageQueues/MessagesandMessageQueuesReference/MessagesandMessageQueuesFunctions/PostThreadMessage.asp

I use PostThreadMessage internally inside of my serivces inside of the service control handler to be specific, and I also create the message quueue by setting up the GetMessage(...), but I do not use it from a client app (the client is driver code and I use an undocumented form of IPC (LPC)). Do you set up a message queue via peekmessage/getmessage?

See http://www.microsoft.com/msj/0398/service2.aspx

Originally posted by cyberninja
See http://www.microsoft.com/msj/0398/service2.aspx

So you created a NULL DACL or set the ACE?

Here are the scenarios, I still need to test more:

The NT service creates a named shared memory and put some data.

Run two client console apps to create the same named shared memory and read some data.


1) On Win2K, without creating NULL DACL:
The client returns "access denied" in calling CreateFileMapping()

2) On Win2K, creating NULL DACL:
Not tested yet, will do it.

3) On WinXP, without creating NULL DACL:
The client returns success in calling CreateFileMapping(),
If there are two clients, they can still use the mapping file to read and write correctly but cannot read the data written by the NT service. (It looks like that the NT service does not exists. )

4) On WinXP, creating NULL DACL:
same as 3). The sample code of creating NULL DACL is written before 1998, and I wonder if that works on Win2K or WInXP.


PostThreadMessage is another topic.

I used the similar way described in "Microsoft Knowledge Base Article - 106387". Inside the NT service, I added the Authenticated Users group ACE to a DACL with appropriate previleges, and applied that DACL in creating events/shared memory, eventually those handles works on both WinXP and Win2K.
One interesting issue (as I mentioned in the previous thread) is that when access is denied, Win2K correctly returns the WIn32 error but WinXP does not. On WinXP, the client process can still use the shared memory in some isolated way, as if the NT service does not exist.

By specifying "interact with esktop", the NT Service do receive messages sent from PostThreadMessage().

Thanks everyone.
cyberninja

Originally posted by cyberninja
One interesting issue (as I mentioned in the previous thread) is that when access is denied, Win2K correctly returns the WIn32 error but WinXP does not. On WinXP, the client process can still use the shared memory in some isolated way, as if the NT service does not exist.
Thanks everyone.
cyberninja

for the NULL DACL right? just want to clarify because I want to look at that sometime here soon on my w2k && xp machines because well..curiosty always kills the cat...and I've got a couple of my 9 lives left to spare :)

Yes, just replace the DACL (the previlege depends on how you set up - can be local user, everyone, authanticated user, etc) of those named objects.

Ming