I've got an existing named pipe, say \\.\pipe\my_pipe. How can I, from cmd or powershell, get the ACL/Permissions of the pipe ?
Asked
Active
Viewed 4,246 times
7
Rob
- 14,746
- 28
- 47
- 65
Pierre Gayvallet
- 2,933
- 2
- 23
- 37
-
2[accesschk](https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk) checks a named pipe when the path is prefixed with "\pipe", e.g. `accesschk -lv \pipe\InitShutdown`. – Eryk Sun Feb 22 '18 at 09:25
4 Answers
1
There is a great tool NtObjectManager by James Forshaw. After installing it, open PowerShell with Admin rights and run:
PS C:\WINDOWS\system32> $a = Get-NtNamedPipeFile "\Device\NamedPipe\spoolss"
PS C:\WINDOWS\system32> $a.SecurityDescriptor.Dacl
Type User Flags Mask
---- ---- ----- ----
Allowed BUILTIN\Users None 00100003
Allowed Everyone None 001201BB
Allowed NT AUTHORITY\ANONYMOUS LOGON None 001201BB
Allowed CREATOR OWNER None 001F01FF
Allowed NT AUTHORITY\SYSTEM None 001F01FF
Allowed BUILTIN\Administrators None 001F01FF
E235
- 11,560
- 24
- 91
- 141
0
This tool helps - https://learn.microsoft.com/en-us/sysinternals/downloads/accesschk
In PowerShell: .\accesschk64.exe \.\pipe<name>
aquaknight
- 11
-
5Building an answer based on existing comments is acceptable, but you ought to credit the comment author (in this case [@ErykSun](https://stackoverflow.com/questions/48923402/how-to-see-named-pipe-permission-from-command-line-on-windows#comment84853676_48923402)) – Ben Voigt Feb 11 '21 at 22:43
0
To expand upon this answer from another post:
Get-ChildItem \\.\pipe\ | ForEach-Object -ErrorAction SilentlyContinue GetAccessControl
You can also use Get-Member to help you navigate the FileSecurity object:
Get-ChildItem \\.\pipe\ | ForEach-Object -ErrorAction SilentlyContinue GetAccessControl | Get-Member
carrvo
- 511
- 5
- 11
