0

I have a library that uses a named mutex to protect access to shared configuration data in the registry.

This library is now used both in a "normal" desktop application, and a Shell Preview extension handler. I observe the following behavior:

  • If the mutex is created by the PrevHost.exe first (e.g. by previewing a file in explorer), the desktop application can open the mutex, and everything works.
  • If the mutex is created by the desktop application first, the shell extension (running PrevHost.exe) can not open the mutex, failing with ACCESS DENIED.

I provide a nullptr security descriptor to CreateMutex.
How do I initialize a security descriptor that allows sharing the mutex between PrevHost.exe and a desktop application running under the current user?

peterchen
  • 40,917
  • 20
  • 104
  • 186
  • If CreateMutex fails try OpenMutex. – Dialecticus Dec 02 '20 at 14:39
  • @Dialecticus: this works! though I'm unsure why, as I understand the CreateMutex documentation, it would Open 8rather than create) the mutex in that situation anyway. --- Anyway, if you want to post as answer, I'd accept it. – peterchen Dec 02 '20 at 18:07

1 Answers1

1

The documentation says that if CreateMutex succeeds then the mutex is created with all access privileges. But if the mutex is already created with reduced privileges then CreateMutex cannot expand on them, and so it fails. This is my interpretation, but I could be wrong.

The solution in any case is to follow up with OpenMutex.

Dialecticus
  • 16,400
  • 7
  • 43
  • 103