Is it possible to create a custom Access Token to create Access Control Entries for a Discretionary Access Control List that will allow only certain processes to access a Global Mutex Object if they have the matching Access Token?
This is in Windows using C++.
DACL contains SID's representing users or groups. So you can change access rights for certain users or groups not for processes. This means that if you change DACL of an object, processes having matching SID's will be affected.
You can create a Security Descriptor and pass it to CreateMutex() or change its DACL after the mutex is created using e.g.
SetSecurityInfo(Mutex, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, pDACL, NULL);
