http://qs1969.pair.com?node_id=1110779


in reply to Private temporal files on Windows

I'd suggest avoiding the file system completely and using a Named Pipe.

Your perl code creates a named pipe before starting the child process, then supplies the full name of the named pipe to the (asynchronously started) child process as the password file name; it then waits for the child to open the "file" and supplies the password.

Using Win32::Pipe this can be done so:

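    #! perl -slw
    use strict;
    use Win32::Pipe;

    # Create the server end of \\.\pipe\MyPipe before the child starts.
    my $pipe = Win32::Pipe->new( 'MyPipe' );

    # system 1, ... starts the child asynchronously and returns its PID (Win32).
    print system 1, 'c:\test\dummyCapp.exe \\\\.\\pipe\\MyPipe' or die $?;

    $pipe->Connect;                          # wait for the child to open the "file"
    $pipe->Write( 'The quick brown fox' );   # supply the password
    $pipe->Disconnect;
    $pipe->Close;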

I knocked up this as a substitute for the sshg3 app:

    #include <stdio.h>
    #include <stdlib.h>     /* exit */
    #include <windows.h>    /* GetLastError */

    int main( int argc, char **argv ) {
        FILE *f;
        if( argc < 2 ) {
            fprintf( stderr, "No filename given\n" );
            exit( -1 );
        }
        if( ( f = fopen( argv[1], "r" ) ) ) {
            size_t read = 0;
            char pword[ 1024 ];
            /* Leave room for the terminating NUL that printf's %s needs. */
            if( ( read = fread( pword, sizeof( char ), sizeof( pword ) - 1, f ) ) ) {
                pword[ read ] = '\0';
                printf( "Got: '%s'\n", pword );
            }
            else {
                fprintf( stderr, "Failed to read anything\n" );
                exit( -2 );
            }
            fclose( f );
        }
        else {
            fprintf( stderr, "Couldn't open file %s: %lu\n", argv[1], GetLastError() );
            exit( -3 );
        }
        printf( "Ending...\n" );
        return 0;
    }

And running the perl script gives:

    C:\test>junk50
    560
    Got: 'The quick brown fox'
    Ending...

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.

Re^2: Private temporal files on Windows
by salva (Canon) on Dec 18, 2014 at 21:36 UTC
    That was the first thing I tried, but the slave program doesn't like opening pipes.

    Sysinternals Process Monitor utility shows that it doesn't try to open anything. It probably runs some internal checks, on the pipe filename or in the parent (pseudo-)directory and they fail.

      Then I suggest trying the extprog method: --password=extprog://PROGRAM; and have that program (a perl script) connect to the named pipe to fetch the password and emit it to its stdout.

      I'd avoid trying to get into the world of Windows permissions; it's a nightmare to end all nightmares.

        I already have a solution using extprog that mostly works. The problem with that approach is that, as sshg3 reuses the connections, you never know if it is actually going to run the helper program or not, and when it doesn't, the parent just gets stalled at the $pipe->Connect.

        The option I am considering now is opening an anonymous pipe on the parent (just using pipe), marking the read side as inheritable, and then recovering and using it from the helper. The problem is reconstructing a Perl level fh from the Windows handler... probably, the easiest solution would be to move away from Perl there, program the helper in C and just bundle it precompiled.

        Anyway, I still have to check that the file handle survives the full chain of program calls (perl -> sshg3 -> cmd -> helper).

        Also, a minor issue I have found with extprog is that a console window pops up briefly. Besides the visual ugliness, what really worries me is whether that could cause the helper invocation to fail in contexts lacking a GUI environment. For instance, when called from the task scheduler, a web server, or any other program not started inside a user session.

        Yes, it seems that an alternative approach is much easier. I didn't find anything accessible about the ACLs, not even C code that shows an example of how to construct a security descriptor.
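
An added example of the inherited anonymous-pipe approach considered in the replies above (not code from the thread or from any program named in it), with one script playing both roles: given arguments it is the parent, given none it is the helper. It assumes Win32API::File is installed, that every program in the chain starts its children with handle inheritance enabled (which the thread leaves unchecked), and it uses a made-up environment variable, PW_PIPE_HANDLE, to tell the helper which handle to read.

```perl
#! perl
# Added example, not code from the thread. PW_PIPE_HANDLE is a made-up name.
use strict;
use warnings;
use Win32API::File qw( GetOsFHandle OsFHandleOpen SetHandleInformation
                       HANDLE_FLAG_INHERIT );

if ( !@ARGV ) {
    # Helper role: whatever extprog:// runs ends up here with no arguments.
    my $h = $ENV{PW_PIPE_HANDLE};
    defined $h && $h =~ /^\d+$/
        or die "PW_PIPE_HANDLE is missing or is not a handle value\n";
    # An inherited handle has the same value in the child; wrap it in a Perl fh.
    OsFHandleOpen( *IN, $h, 'r' )
        or die "Cannot reopen inherited handle $h: $^E\n";
    binmode IN;
    binmode STDOUT;
    my $password = <IN>;
    defined $password or die "Pipe is empty (password already consumed?)\n";
    print $password;    # the helper emits the password on its stdout
    exit 0;
}

# Parent role: @ARGV is the command line that starts the SSH client.
my $password = "The quick brown fox\n";    # constructed sample value

pipe( my $rd, my $wr ) or die "pipe: $!\n";
binmode $wr;

# Only the read end may be inherited; the write end stays private to the parent.
SetHandleInformation( GetOsFHandle( $rd ), HANDLE_FLAG_INHERIT, HANDLE_FLAG_INHERIT )
    or die "Cannot mark read end inheritable: $^E\n";
SetHandleInformation( GetOsFHandle( $wr ), HANDLE_FLAG_INHERIT, 0 )
    or die "Cannot make write end private: $^E\n";

# Queue the password and close the write end before spawning. A short write
# fits in the pipe buffer (assumption), so the parent never waits for a reader
# and does not stall if the helper is never run.
print {$wr} $password or die "write: $!\n";
close $wr or die "close: $!\n";

local $ENV{PW_PIPE_HANDLE} = GetOsFHandle( $rd );
my $pid = system 1, @ARGV;    # asynchronous spawn, returns the PID on Win32
close $rd;                    # children hold their own inherited copies
waitpid $pid, 0;
exit $? >> 8;
```

The password can be read from the pipe only once, and any process in the chain that inherits the read handle can read it, so the handle should reach only programs that are meant to see the password.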