Call CoInitializeSecurity during startup to enable lower privilege clients to connect.

Author: forderud

MyServerCpp/Main.cpp

@@ -19,7 +19,17 @@ MyserverModule _AtlModule;
 
 // EXE Entry Point
 int wmain(int /*argc*/, wchar_t* /*argv*/[]) {
-    ComInitialize com(COINIT_MULTITHREADED);
+    // initialize COM early for programmatic COM security
+    _AtlModule.InitializeCom();
+
+    // Disable COM security to allow any client to connect.
+    // WARNING: Enables non-admin clients to connect to a server running with admin privileges.
+    HRESULT hr = CoInitializeSecurity(nullptr, -1/*auto*/, nullptr, NULL/*reserved*/,
+        RPC_C_AUTHN_LEVEL_DEFAULT, ///< 
+        RPC_C_IMP_LEVEL_IDENTIFY,  ///< allow server to identify but not impersonate client
+        nullptr, EOAC_NONE/*capabilities*/, NULL/*reserved*/);
+    if (FAILED(hr))
+        abort();
 
     return _AtlModule.WinMain(SW_SHOWDEFAULT);
 }