Trusted communications with child processes
First Claim
1. A computer readable storage device storing thereon computer readable instructions for identifying a child process to a parent process, comprising:
- instructions for creating a communications endpoint;
instructions for spawning, by the parent process, the child process and passing the communications endpoint to the child process, the child process having a child security identifier;
instructions for receiving a request to communicate with the parent process, the request including a security identifier for the requesting process;
instructions for impersonating the requesting process by the parent process;
instructions for comparing the requesting process with the child security identifier, thereby identifying the requesting process as a child process spawned by the parent process; and
instructions for responding, by the parent process, to the request if the comparison is a match of security identifiers.
2 Assignments
0 Petitions
Accused Products
Abstract
A method to identify a child process to a parent process in an operating system includes obtaining a token and login identifier from the operating system. The parent process creates a remote procedure call communications endpoint to communicate with the child process. Thereafter, a child process is spawned by the parent process. A child-initiated request to communicate with the parent process is then received by the parent process. In order to verify the identity of the child-initiated request, the parent process impersonates the child process and receives as identifier that identifies the requestor child process. The requestor process identifier and the spawned child identifier are compared. Based on the comparison, the parent process responds to the child-initiated request. In another embodiment, process identifiers are used by the parent process to verify the identity of a child process the requests communication with the parent process.
11 Citations
20 Claims
-
1. A computer readable storage device storing thereon computer readable instructions for identifying a child process to a parent process, comprising:
-
instructions for creating a communications endpoint; instructions for spawning, by the parent process, the child process and passing the communications endpoint to the child process, the child process having a child security identifier; instructions for receiving a request to communicate with the parent process, the request including a security identifier for the requesting process; instructions for impersonating the requesting process by the parent process; instructions for comparing the requesting process with the child security identifier, thereby identifying the requesting process as a child process spawned by the parent process; and instructions for responding, by the parent process, to the request if the comparison is a match of security identifiers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for identifying a child process to a parent process in an operating system in computer software using a process identifier, the system comprising:
-
a computing device comprising a processor; a memory communicatively coupled to said processor when said system is operational;
said memory having stored therein computer instructions that upon execution by the processor cause;creating a communications endpoint; spawning, by the parent process, the child process and passing the communications endpoint to the child process wherein access to the child process is limited, the spawning also producing a child process identifier; receiving a request to communicate with the parent process, the request made to the communications endpoint and including a requestor process identifier; comparing the requestor process identifier with the spawned child process identifier, thereby identifying the requesting process as the child process spawned by the parent process; and responding, by the parent process, to the request if the comparison is a match of process identifiers. - View Dependent Claims (17, 18, 19, 20)
-
Specification