Saturday, February 16, 2008

Security Neutral Mutex

We have just completed a project where we had a very “strange” requirement: a mutex that is normally created by a service but might also be changed or created by the application running as a limited user. Before .NET, we would simply have created a mutex with a NULL DACL, but this is no longer possible because the Mutex class actively prevents it.

Fortunately, we found a blog post where the author simply created a Mutex and gave EVERYONE full rights on the Mutex, which is basically the same as a NULL DACL: http://rdn-consulting.com/blog/2007/09/14/more-on-using-a-named-mutex-in-vista/

We changed the code a little bit and here is the result:


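//Original Code: http://rdn-consulting.com/blog/2007/08/20/kernel-object-namespace-and-vista/

using System.Security.AccessControl;
using System.Security.Principal;
using System.Threading;

// Convenience overload for callers that do not care who created the mutex.
public static Mutex Create(string Name)
{
    bool bTrash;
    return Create(Name, out bTrash);
}

public static Mutex Create(string Name, out bool MutexWasCreated)
{
    //Always use global scope
    string name = @"Global\" + Name;

    // Grant Everyone (World SID) full control over the mutex.
    MutexSecurity sec = new MutexSecurity();
    MutexAccessRule secRule = new MutexAccessRule(
        new SecurityIdentifier(WellKnownSidType.WorldSid, null),
        MutexRights.FullControl, AccessControlType.Allow);
    sec.AddAccessRule(secRule);

    // Create the mutex without taking initial ownership; mutexWasCreated
    // is false if a mutex with this name already existed.
    bool mutexWasCreated;
    Mutex m = new Mutex(false, name, out mutexWasCreated, sec);
    MutexWasCreated = mutexWasCreated;
    return m;
}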
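
A least-privilege variant of the code above, as an added example that is not from this post or the linked blog: Everyone gets only the rights needed to wait on and release the mutex, while SYSTEM and Administrators get FullControl. The class and method names are hypothetical. Callers open an existing mutex with Mutex.OpenExisting, because the Mutex constructor requires FullControl on a mutex that already exists.

```csharp
using System;
using System.Security.AccessControl;
using System.Security.Principal;
using System.Threading;

// Added example; class and method names are hypothetical.
public static class LeastPrivilegeMutex
{
    // Synchronize lets a caller wait on the mutex, Modify lets it release it.
    const MutexRights UseRights = MutexRights.Synchronize | MutexRights.Modify;

    public static Mutex OpenOrCreate(string baseName, out bool createdNew)
    {
        string name = @"Global\" + baseName;
        try
        {
            // Request only the rights we use, so the open succeeds
            // without Everyone holding FullControl.
            createdNew = false;
            return Mutex.OpenExisting(name, UseRights);
        }
        catch (WaitHandleCannotBeOpenedException) { /* not created yet */ }

        MutexSecurity sec = new MutexSecurity();
        Allow(sec, WellKnownSidType.WorldSid, UseRights);
        // FullControl (which includes changing the DACL) is granted
        // only to SYSTEM and Administrators.
        Allow(sec, WellKnownSidType.LocalSystemSid, MutexRights.FullControl);
        Allow(sec, WellKnownSidType.BuiltinAdministratorsSid, MutexRights.FullControl);

        try
        {
            return new Mutex(false, name, out createdNew, sec);
        }
        catch (UnauthorizedAccessException)
        {
            // Another process created it first; the constructor asks for
            // FullControl on an existing mutex, so reopen with UseRights.
            createdNew = false;
            return Mutex.OpenExisting(name, UseRights);
        }
    }

    static void Allow(MutexSecurity sec, WellKnownSidType sid, MutexRights rights)
    {
        sec.AddAccessRule(new MutexAccessRule(
            new SecurityIdentifier(sid, null), rights, AccessControlType.Allow));
    }
}
```

If createdNew is false in the service, another process created the object first, and that process's DACL, not the one built here, is in effect.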
