I planning to split my program to 2 processes: 1st is the GUI, and 2nd is a background process running with administrator account. Both should communicate each other.
I thinking about use named pipes for this, but there is one thing that bothering me:
Is there a way to ensure only my program can access a named pipe?
When creating named pipes, you can usually secure access to it (on both sides) with a security descriptor. However, security descriptors are for users, not for applications (and for good reason, from a security standpoint, you want to secure the user, not the application).
That said, you could create a user that your client and server run under, and as long as you keep that account secure, you'd be fine (you'd secure the pipe with the security descriptor of that user).
So, if your program is the only program that is using that user identity then technically, yes, the pipe would only be usable by your program. However, you then have to manage the security of the account.
IF you only need to support Windows Vista or later versions, there are Windows APIs you can call to find out the ProcessId and/or SessionID of the process on the other end of a pipe once a connection has been made (e.g. GetNamedPipeClientProcessId and family). You could use these to implement an explicit check to ensure that only the applications you want to communicate via the pipe can do so.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With