Settings: initialize COM security to allow communication between elevated Settings and WebView

2024-12-01 09:59:06 +08:00 · 2020-01-24 18:26:44 +03:00 · 2020-01-24 18:26:44 +03:00 · 482ad0e5ee
commit 482ad0e5ee
parent cd6ac4f8c2
2 changed files with 73 additions and 2 deletions
--- a/src/settings/main.cpp
+++ b/src/settings/main.cpp
@ -482,11 +482,82 @@ void parse_args()
    LocalFree(argument_list);
 }

+bool initialize_com_security_policy_for_webview()
+{
+    const wchar_t* security_descriptor =
+        L"O:BA" // Owner: Builtin (local) administrator
+        L"G:BA" // Group: Builtin (local) administrator
+        L"D:"
+        L"(A;;0x7;;;PS)" // Access allowed on COM_RIGHTS_EXECUTE, _LOCAL, & _REMOTE for Personal self
+        L"(A;;0x3;;;SY)" // Access allowed on COM_RIGHTS_EXECUTE, & _LOCAL for Local system
+        L"(A;;0x7;;;BA)" // Access allowed on COM_RIGHTS_EXECUTE, _LOCAL, & _REMOTE for Builtin (local) administrator
+        L"(A;;0x3;;;S-1-15-3-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646)" // Access allowed on COM_RIGHTS_EXECUTE, & _LOCAL for Win32WebViewHost package capability
+        L"S:"
+        L"(ML;;NX;;;LW)"; // Integrity label on No execute up for Low mandatory level
+    PSECURITY_DESCRIPTOR self_relative_sd{};
+    if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(security_descriptor, SDDL_REVISION_1, &self_relative_sd, nullptr))
+    {
+        return false;
+    }
+
+    on_scope_exit free_realtive_sd([&] {
+        LocalFree(self_relative_sd);
+    });
+
+    DWORD absolute_sd_size = 0;
+    DWORD dacl_size = 0;
+    DWORD group_size = 0;
+    DWORD owner_size = 0;
+    DWORD sacl_size = 0;
+
+    if (!MakeAbsoluteSD(self_relative_sd, nullptr, &absolute_sd_size, nullptr, &dacl_size, nullptr, &sacl_size, nullptr, &owner_size, nullptr, &group_size))
+    {
+        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
+        {
+            return false;
+        }
+    }
+
+    typed_storage<SECURITY_DESCRIPTOR> absolute_sd{ absolute_sd_size };
+    typed_storage<ACL> dacl{ dacl_size };
+    typed_storage<ACL> sacl{ sacl_size };
+    typed_storage<SID> owner{ owner_size };
+    typed_storage<SID> group{ group_size };
+
+    if (!MakeAbsoluteSD(self_relative_sd,
+                        absolute_sd,
+                        &absolute_sd_size,
+                        dacl,
+                        &dacl_size,
+                        sacl,
+                        &sacl_size,
+                        owner,
+                        &owner_size,
+                        group,
+                        &group_size))
+    {
+        return false;
+    }
+
+    return !FAILED(CoInitializeSecurity(
+        absolute_sd,
+        -1,
+        nullptr,
+        nullptr,
+        RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
+        RPC_C_IMP_LEVEL_IDENTIFY,
+        nullptr,
+        EOAC_DYNAMIC_CLOAKING | EOAC_DISABLE_AAA,
+        nullptr));
+}
+
 int WINAPI WinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPSTR lpCmdLine, _In_ int nShowCmd)
 {
    CoInitialize(nullptr);

-    if (is_process_elevated())
+    const bool should_try_drop_privileges = !initialize_com_security_policy_for_webview() && is_process_elevated();
+
+    if (should_try_drop_privileges)
    {
        if (!drop_elevated_privileges())
        {