ahmd0 ahmd0 - 2 months ago 33
C# Question

Localization for security identity in .NET

I was looking to implement a named pipe for service/client communication in .NET and came across this code that, while initializing server side of the pipe had to set up a security descriptor for the pipe. They did it this way:

PipeSecurity pipeSecurity = new PipeSecurity();

// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Authenticated Users",
PipeAccessRights.ReadWrite, AccessControlType.Allow));

// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule("Administrators",
PipeAccessRights.FullControl, AccessControlType.Allow));


But I'm looking at it, and I'm concerned about specifying SIDs as strings, or
Authenticated Users
and
Administrators
parts. What is the guarantee that they will be called that, say, in Chinese or some other language?

Answer

(Extracted from OP's original question)

I came up with this alternative:

PipeSecurity pipeSecurity = new PipeSecurity();

// Allow Everyone read and write access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
    "Authenticated Users",
    new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null),   
    PipeAccessRights.ReadWrite, AccessControlType.Allow));

// Allow the Administrators group full access to the pipe.
pipeSecurity.SetAccessRule(new PipeAccessRule(
    "Administrators",
    new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null),   
    PipeAccessRights.FullControl, AccessControlType.Allow));