WinAPI: Open Named Mutex in Shell Extension for Preview and Current User Application

Question

I have a library that uses a named mutex to protect access to shared configuration data in the registry.

This library is now used both in a "normal" desktop application, and a Shell Preview extension handler. I observe the following behavior:

• If the mutex is created by the PrevHost.exe first (e.g. by previewing a file in explorer), the desktop application can open the mutex, and everything works.
• If the mutex is created by the desktop application first, the shell extension (running PrevHost.exe) can not open the mutex, failing with ACCESS DENIED.

I provide a nullptr security descriptor to CreateMutex.
How do I initialize a security descriptor that allows sharing the mutex between PrevHost.exe and a desktop application running under the current user?

Answer 1

The documentation says that if CreateMutex succeeds then the mutex is created with all access privileges. But if the mutex is already created with reduced privileges then CreateMutex cannot expand on them, and so it fails. This is my interpretation, but I could be wrong.

The solution in any case is to follow up with OpenMutex.