Question 6 :
How the handles are handled in the child process?
The operating system creates the new child process but does not allow the child process to begin executing its code right away. Of course, the system creates a new, empty process handle table for the child process just as it would for any new process. But because you passed TRUE to CreateProcess's bInheritHandles parameter, the system does one more thing: it walks the parent process's handle table, and for each entry it finds that contains a valid inheritable handle, the system copies the entry exactly into the child process's handle table. The entry is copied to the exact same position in the child process's handle table as in the parent's handle table.
Question 7 :
Why the entries in the parent process table and child table are same?
It means that the handle value that identifies a kernel object is identical in both the parent and the child processes.
Question 8 :
What about the usage count in the parent child process tables?
The system increments the usage count of the kernel object because two processes are now using the object. For the kernel object to be destroyed, both the parent process and the child process must either call CloseHandle on the object or terminate.
Question 9 :
What are Named Objects?
Method available for sharing kernel objects across process boundaries is to name the objects. Below are the kernel named objects:
There are APIs to create these objects with last parameter as the object name.
Question 10 :
What do you mean by unnamed object?
When you are creating the kernel objects with the help of API's like CreateMutex(, , , ,pzname). And the Pzname parameter is NULL , you are indicating to the system that you want to create an unnamed (anonymous) kernel object. When you create an unnamed object, you can share the object across processes by using either inheritance or DuplicateHandle