Call-level Security in Windows 95
The current release of DCOM for Windows 95 has the same default access permission as Windows NT. Dcomcnfg.exe can be used to change the default on both operating systems. Programmatic security is supported as follows:
-
CoInitializeSecurity, IClientSecurity, CoGetCallContext, and the related helper functions are all fully supported. However, CoInitializeSecurity returns E_NOTIMPL if you specify a security descriptor for the pVoid parameter.
-
IServerSecurity and its related helper functions are all fully supported, except for IServerSecurity::ImpersonateClient and its helper function CoImpersonateClient. However, IAccessControl is also supported on DCOM for Windows 95, which helps a server do access checking (without impersonation).
-
Windows 95 machines can make calls at any authentication level, but incoming calls will arrive at an authentication level of none or connect (RPC_C_AUTHN_LEVEL_NONE or RPC_C_AUTHN_LEVEL_CONNECT).