Update wine #471
9 changed files with 1 additions and 505 deletions
|
@ -5,20 +5,6 @@ args: {
|
|||
system,
|
||||
...
|
||||
}: let
|
||||
wine = nix-gaming.packages.x86_64-linux.wine-ge.overrideAttrs (super: {
|
||||
patches =
|
||||
super.patches
|
||||
or []
|
||||
++ [
|
||||
./wine/server-default_integrity/0001-server-Create-processes-using-a-limited-administrato.patch
|
||||
./wine/server-default_integrity/0002-shell32-Implement-the-runas-verb.patch
|
||||
./wine/server-default_integrity/0003-wine.inf-Set-the-EnableLUA-value-to-1.patch
|
||||
./wine/server-default_integrity/0004-msi-Create-the-custom-action-server-as-an-elevated-p.patch
|
||||
./wine/server-default_integrity/0005-ntdll-Always-start-the-initial-process-through-start.patch
|
||||
./wine/server-default_integrity/0006-kernelbase-Elevate-processes-if-requested-in-CreateP.patch
|
||||
./wine/server-default_integrity/0007-ntdll-Elevate-processes-if-requested-in-RtlCreateUse.patch
|
||||
];
|
||||
});
|
||||
in {
|
||||
home.packages =
|
||||
[
|
||||
|
@ -30,7 +16,7 @@ in {
|
|||
then [
|
||||
pkgs.xivlauncher
|
||||
nix-gaming.packages.x86_64-linux.osu-lazer-bin
|
||||
wine
|
||||
(pkgs.wineWowPackages.stagingFull.override {waylandSupport = true;})
|
||||
]
|
||||
else []
|
||||
);
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
From 9804dd77fd8c0ec56963306f409fea6b910bb48d Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Sun, 7 Feb 2021 22:54:19 -0600
|
||||
Subject: [PATCH] server: Create processes using a limited administrator token
|
||||
by default.
|
||||
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
server/process.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/server/process.c b/server/process.c
|
||||
index 15387a2affa..3a8bbdbfb2e 100644
|
||||
--- a/server/process.c
|
||||
+++ b/server/process.c
|
||||
@@ -664,7 +664,7 @@ struct process *create_process( int fd, struct process *parent, unsigned int fla
|
||||
if (!parent)
|
||||
{
|
||||
process->handles = alloc_handle_table( process, 0 );
|
||||
- process->token = token_create_admin( TRUE, -1, TokenElevationTypeFull, default_session_id );
|
||||
+ process->token = token_create_admin( TRUE, -1, TokenElevationTypeLimited, default_session_id );
|
||||
process->affinity = ~0;
|
||||
}
|
||||
else
|
||||
--
|
||||
2.30.2
|
||||
|
|
@ -1,76 +0,0 @@
|
|||
From ede24db26773b5ce2c2d7e13bf12939b55124281 Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Fri, 26 Feb 2021 22:31:19 -0600
|
||||
Subject: [PATCH] shell32: Implement the "runas" verb.
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
Based on a patch by Michael Müller.
|
||||
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
dlls/shell32/shlexec.c | 26 ++++++++++++++++++++++++--
|
||||
1 file changed, 24 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/dlls/shell32/shlexec.c b/dlls/shell32/shlexec.c
|
||||
index 8c7e3cf0808..c9a996a13dd 100644
|
||||
--- a/dlls/shell32/shlexec.c
|
||||
+++ b/dlls/shell32/shlexec.c
|
||||
@@ -292,6 +292,21 @@ static HRESULT SHELL_GetPathFromIDListForExecuteW(LPCITEMIDLIST pidl, LPWSTR psz
|
||||
return hr;
|
||||
}
|
||||
|
||||
+static HANDLE get_admin_token(void)
|
||||
+{
|
||||
+ TOKEN_ELEVATION_TYPE type;
|
||||
+ TOKEN_LINKED_TOKEN linked;
|
||||
+ DWORD size;
|
||||
+
|
||||
+ if (!GetTokenInformation(GetCurrentThreadEffectiveToken(), TokenElevationType, &type, sizeof(type), &size)
|
||||
+ || type == TokenElevationTypeFull)
|
||||
+ return NULL;
|
||||
+
|
||||
+ if (!GetTokenInformation(GetCurrentThreadEffectiveToken(), TokenLinkedToken, &linked, sizeof(linked), &size))
|
||||
+ return NULL;
|
||||
+ return linked.LinkedToken;
|
||||
+}
|
||||
+
|
||||
/*************************************************************************
|
||||
* SHELL_ExecuteW [Internal]
|
||||
*
|
||||
@@ -305,6 +320,7 @@ static UINT_PTR SHELL_ExecuteW(const WCHAR *lpCmd, WCHAR *env, BOOL shWait,
|
||||
UINT gcdret = 0;
|
||||
WCHAR curdir[MAX_PATH];
|
||||
DWORD dwCreationFlags;
|
||||
+ HANDLE token = NULL;
|
||||
|
||||
TRACE("Execute %s from directory %s\n", debugstr_w(lpCmd), debugstr_w(psei->lpDirectory));
|
||||
|
||||
@@ -326,8 +342,12 @@ static UINT_PTR SHELL_ExecuteW(const WCHAR *lpCmd, WCHAR *env, BOOL shWait,
|
||||
dwCreationFlags = CREATE_UNICODE_ENVIRONMENT;
|
||||
if (!(psei->fMask & SEE_MASK_NO_CONSOLE))
|
||||
dwCreationFlags |= CREATE_NEW_CONSOLE;
|
||||
- if (CreateProcessW(NULL, (LPWSTR)lpCmd, NULL, NULL, FALSE, dwCreationFlags, env,
|
||||
- NULL, &startup, &info))
|
||||
+
|
||||
+ if (psei->lpVerb && !wcsicmp(psei->lpVerb, L"runas"))
|
||||
+ token = get_admin_token();
|
||||
+
|
||||
+ if (CreateProcessAsUserW(token, NULL, (LPWSTR)lpCmd, NULL, NULL, FALSE,
|
||||
+ dwCreationFlags, env, NULL, &startup, &info))
|
||||
{
|
||||
/* Give 30 seconds to the app to come up, if desired. Probably only needed
|
||||
when starting app immediately before making a DDE connection. */
|
||||
@@ -347,6 +367,8 @@ static UINT_PTR SHELL_ExecuteW(const WCHAR *lpCmd, WCHAR *env, BOOL shWait,
|
||||
retval = ERROR_BAD_FORMAT;
|
||||
}
|
||||
|
||||
+ CloseHandle(token);
|
||||
+
|
||||
TRACE("returning %Iu\n", retval);
|
||||
|
||||
psei_out->hInstApp = (HINSTANCE)retval;
|
||||
--
|
||||
2.34.1
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
From dc1f602da6ed3a574697fe8b5bc4590d74e344f5 Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Fri, 26 Feb 2021 22:41:35 -0600
|
||||
Subject: [PATCH] wine.inf: Set the EnableLUA value to 1.
|
||||
|
||||
This signifies that UAC is active.
|
||||
|
||||
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=50727
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
loader/wine.inf.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/loader/wine.inf.in b/loader/wine.inf.in
|
||||
index 24da6f3af6b..a72279e9881 100644
|
||||
--- a/loader/wine.inf.in
|
||||
+++ b/loader/wine.inf.in
|
||||
@@ -526,7 +526,7 @@ HKLM,%CurrentVersion%\Explorer\DriveIcons,,16
|
||||
HKLM,%CurrentVersion%\Explorer\KindMap,,16
|
||||
HKLM,%CurrentVersion%\Group Policy,,16
|
||||
HKLM,%CurrentVersion%\Installer,"InstallerLocation",,"%11%"
|
||||
-HKLM,%CurrentVersion%\Policies\System,"EnableLUA",0x10003,0
|
||||
+HKLM,%CurrentVersion%\Policies\System,"EnableLUA",0x10001,1
|
||||
HKLM,%CurrentVersion%\PreviewHandlers,,16
|
||||
HKLM,%CurrentVersion%\Run,,16
|
||||
HKLM,%CurrentVersion%\Setup,"BootDir",,"%30%"
|
||||
--
|
||||
2.30.2
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
From f2de1c5d2fcda876276e077b61f9fba5ff3f7f12 Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Sun, 16 May 2021 20:49:05 -0500
|
||||
Subject: [PATCH] msi: Create the custom action server as an elevated process.
|
||||
|
||||
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51143
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
dlls/msi/custom.c | 24 ++++++++++++++++++++++--
|
||||
1 file changed, 22 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/dlls/msi/custom.c b/dlls/msi/custom.c
|
||||
index fb03958eb11..874b9b92118 100644
|
||||
--- a/dlls/msi/custom.c
|
||||
+++ b/dlls/msi/custom.c
|
||||
@@ -574,12 +574,28 @@ UINT CDECL __wine_msi_call_dll_function(DWORD client_pid, const GUID *guid)
|
||||
return r;
|
||||
}
|
||||
|
||||
+static HANDLE get_admin_token(void)
|
||||
+{
|
||||
+ TOKEN_ELEVATION_TYPE type;
|
||||
+ TOKEN_LINKED_TOKEN linked;
|
||||
+ DWORD size;
|
||||
+
|
||||
+ if (!GetTokenInformation(GetCurrentThreadEffectiveToken(), TokenElevationType, &type, sizeof(type), &size)
|
||||
+ || type == TokenElevationTypeFull)
|
||||
+ return NULL;
|
||||
+
|
||||
+ if (!GetTokenInformation(GetCurrentThreadEffectiveToken(), TokenLinkedToken, &linked, sizeof(linked), &size))
|
||||
+ return NULL;
|
||||
+ return linked.LinkedToken;
|
||||
+}
|
||||
+
|
||||
static DWORD custom_start_server(MSIPACKAGE *package, DWORD arch)
|
||||
{
|
||||
WCHAR path[MAX_PATH], cmdline[MAX_PATH + 23];
|
||||
PROCESS_INFORMATION pi = {0};
|
||||
STARTUPINFOW si = {0};
|
||||
WCHAR buffer[24];
|
||||
+ HANDLE token;
|
||||
void *cookie;
|
||||
HANDLE pipe;
|
||||
|
||||
@@ -601,14 +617,18 @@ static DWORD custom_start_server(MSIPACKAGE *package, DWORD arch)
|
||||
lstrcatW(path, L"\\msiexec.exe");
|
||||
swprintf(cmdline, ARRAY_SIZE(cmdline), L"%s -Embedding %d", path, GetCurrentProcessId());
|
||||
|
||||
+ token = get_admin_token();
|
||||
+
|
||||
if (is_wow64 && arch == SCS_64BIT_BINARY)
|
||||
{
|
||||
Wow64DisableWow64FsRedirection(&cookie);
|
||||
- CreateProcessW(path, cmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
|
||||
+ CreateProcessAsUserW(token, path, cmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
|
||||
Wow64RevertWow64FsRedirection(cookie);
|
||||
}
|
||||
else
|
||||
- CreateProcessW(path, cmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
|
||||
+ CreateProcessAsUserW(token, path, cmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
|
||||
+
|
||||
+ if (token) CloseHandle(token);
|
||||
|
||||
CloseHandle(pi.hThread);
|
||||
|
||||
--
|
||||
2.30.2
|
||||
|
|
@ -1,50 +0,0 @@
|
|||
From b08427ea0575faf213100269bf5bc931ec05930b Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Fri, 21 May 2021 21:52:06 -0500
|
||||
Subject: [PATCH] ntdll: Always start the initial process through start.exe.
|
||||
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
dlls/ntdll/unix/env.c | 19 +++----------------
|
||||
1 file changed, 3 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/dlls/ntdll/unix/env.c b/dlls/ntdll/unix/env.c
|
||||
index ae1afb2797b..02af2c5ca5a 100644
|
||||
--- a/dlls/ntdll/unix/env.c
|
||||
+++ b/dlls/ntdll/unix/env.c
|
||||
@@ -2116,6 +2116,7 @@ static void init_peb( RTL_USER_PROCESS_PARAMETERS *params, void *module )
|
||||
*/
|
||||
static RTL_USER_PROCESS_PARAMETERS *build_initial_params( void **module )
|
||||
{
|
||||
+ static const char *args[] = { "start.exe", "/exec" };
|
||||
static const WCHAR valueW[] = {'1',0};
|
||||
static const WCHAR pathW[] = {'P','A','T','H'};
|
||||
RTL_USER_PROCESS_PARAMETERS *params = NULL;
|
||||
@@ -2144,22 +2145,8 @@ static RTL_USER_PROCESS_PARAMETERS *build_initial_params( void **module )
|
||||
add_registry_environment( &env, &env_pos, &env_size );
|
||||
env[env_pos++] = 0;
|
||||
|
||||
- status = load_main_exe( NULL, main_argv[1], curdir, &image, module );
|
||||
- if (!status)
|
||||
- {
|
||||
- if (main_image_info.ImageCharacteristics & IMAGE_FILE_DLL) status = STATUS_INVALID_IMAGE_FORMAT;
|
||||
- if (main_image_info.Machine != current_machine) status = STATUS_INVALID_IMAGE_FORMAT;
|
||||
- }
|
||||
-
|
||||
- if (status) /* try launching it through start.exe */
|
||||
- {
|
||||
- static const char *args[] = { "start.exe", "/exec" };
|
||||
- free( image );
|
||||
- if (*module) NtUnmapViewOfSection( GetCurrentProcess(), *module );
|
||||
- load_start_exe( &image, module );
|
||||
- prepend_argv( args, 2 );
|
||||
- }
|
||||
- else rebuild_argv();
|
||||
+ load_start_exe( &image, module );
|
||||
+ prepend_argv( args, 2 );
|
||||
|
||||
main_wargv = build_wargv( get_dos_path( image ));
|
||||
cmdline = build_command_line( main_wargv );
|
||||
--
|
||||
2.32.0
|
||||
|
|
@ -1,111 +0,0 @@
|
|||
From 71aba24d166ee16f6ea52d1b63acabccf0532514 Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Sun, 18 Apr 2021 17:46:35 -0500
|
||||
Subject: [PATCH] kernelbase: Elevate processes if requested in
|
||||
CreateProcessInternal().
|
||||
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
dlls/kernelbase/process.c | 57 +++++++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 55 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/dlls/kernelbase/process.c b/dlls/kernelbase/process.c
|
||||
index 35381f409e9..e64076cb860 100644
|
||||
--- a/dlls/kernelbase/process.c
|
||||
+++ b/dlls/kernelbase/process.c
|
||||
@@ -30,6 +30,7 @@
|
||||
#include "winnls.h"
|
||||
#include "wincontypes.h"
|
||||
#include "winternl.h"
|
||||
+#include "winuser.h"
|
||||
|
||||
#include "kernelbase.h"
|
||||
#include "wine/debug.h"
|
||||
@@ -414,6 +415,54 @@ BOOL WINAPI DECLSPEC_HOTPATCH CloseHandle( HANDLE handle )
|
||||
}
|
||||
|
||||
|
||||
+static BOOL image_needs_elevation( const WCHAR *path )
|
||||
+{
|
||||
+ ACTIVATION_CONTEXT_RUN_LEVEL_INFORMATION run_level;
|
||||
+ BOOL ret = FALSE;
|
||||
+ HANDLE handle;
|
||||
+ ACTCTXW ctx;
|
||||
+
|
||||
+ ctx.cbSize = sizeof(ctx);
|
||||
+ ctx.dwFlags = ACTCTX_FLAG_RESOURCE_NAME_VALID;
|
||||
+ ctx.lpSource = path;
|
||||
+ ctx.lpResourceName = (const WCHAR *)CREATEPROCESS_MANIFEST_RESOURCE_ID;
|
||||
+
|
||||
+ if (RtlCreateActivationContext( &handle, &ctx )) return FALSE;
|
||||
+
|
||||
+ if (!RtlQueryInformationActivationContext( 0, handle, NULL, RunlevelInformationInActivationContext,
|
||||
+ &run_level, sizeof(run_level), NULL ))
|
||||
+ {
|
||||
+ TRACE( "image requested run level %#x\n", run_level.RunLevel );
|
||||
+ if (run_level.RunLevel == ACTCTX_RUN_LEVEL_HIGHEST_AVAILABLE
|
||||
+ || run_level.RunLevel == ACTCTX_RUN_LEVEL_REQUIRE_ADMIN)
|
||||
+ ret = TRUE;
|
||||
+ }
|
||||
+ RtlReleaseActivationContext( handle );
|
||||
+
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static HANDLE get_elevated_token(void)
|
||||
+{
|
||||
+ TOKEN_ELEVATION_TYPE type;
|
||||
+ TOKEN_LINKED_TOKEN linked;
|
||||
+ NTSTATUS status;
|
||||
+
|
||||
+ if ((status = NtQueryInformationToken( GetCurrentThreadEffectiveToken(),
|
||||
+ TokenElevationType, &type, sizeof(type), NULL )))
|
||||
+ return NULL;
|
||||
+
|
||||
+ if (type == TokenElevationTypeFull) return NULL;
|
||||
+
|
||||
+ if ((status = NtQueryInformationToken( GetCurrentThreadEffectiveToken(),
|
||||
+ TokenLinkedToken, &linked, sizeof(linked), NULL )))
|
||||
+ return NULL;
|
||||
+
|
||||
+ return linked.LinkedToken;
|
||||
+}
|
||||
+
|
||||
+
|
||||
/**********************************************************************
|
||||
* CreateProcessAsUserA (kernelbase.@)
|
||||
*/
|
||||
@@ -500,7 +549,7 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessInternalW( HANDLE token, const WCHAR
|
||||
WCHAR *p, *tidy_cmdline = cmd_line, *orig_app_name = NULL;
|
||||
RTL_USER_PROCESS_PARAMETERS *params = NULL;
|
||||
RTL_USER_PROCESS_INFORMATION rtl_info;
|
||||
- HANDLE parent = 0, debug = 0;
|
||||
+ HANDLE parent = 0, debug = 0, elevated_token = NULL;
|
||||
const WCHAR *append;
|
||||
ULONG nt_flags = 0;
|
||||
NTSTATUS status;
|
||||
|
||||
@@ -608,6 +657,9 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessInternalW( HANDLE token, const WCHAR
|
||||
if (flags & CREATE_BREAKAWAY_FROM_JOB) nt_flags |= PROCESS_CREATE_FLAGS_BREAKAWAY;
|
||||
if (flags & CREATE_SUSPENDED) nt_flags |= PROCESS_CREATE_FLAGS_SUSPENDED;
|
||||
|
||||
+ if (!token && image_needs_elevation( params->ImagePathName.Buffer ))
|
||||
+ token = elevated_token = get_elevated_token();
|
||||
+
|
||||
status = create_nt_process( token, debug, process_attr, thread_attr,
|
||||
nt_flags, params, &rtl_info, parent, handle_list, job_list );
|
||||
switch (status)
|
||||
@@ -649,7 +701,8 @@ BOOL WINAPI DECLSPEC_HOTPATCH CreateProcessInternalW( HANDLE token, const WCHAR
|
||||
TRACE( "started process pid %04lx tid %04lx\n", info->dwProcessId, info->dwThreadId );
|
||||
}
|
||||
|
||||
- done:
|
||||
+done:
|
||||
+ if (elevated_token) NtClose( elevated_token );
|
||||
RtlDestroyProcessParameters( params );
|
||||
if (tidy_cmdline != cmd_line) HeapFree( GetProcessHeap(), 0, tidy_cmdline );
|
||||
return set_ntstatus( status );
|
||||
--
|
||||
2.34.1
|
||||
|
|
@ -1,127 +0,0 @@
|
|||
From 20e95575948faec1eca2e88967e985539a512cd5 Mon Sep 17 00:00:00 2001
|
||||
From: Zebediah Figura <z.figura12@gmail.com>
|
||||
Date: Sun, 18 Apr 2021 17:46:44 -0500
|
||||
Subject: [PATCH] ntdll: Elevate processes if requested in
|
||||
RtlCreateUserProcess().
|
||||
|
||||
Signed-off-by: Zebediah Figura <z.figura12@gmail.com>
|
||||
---
|
||||
dlls/ntdll/process.c | 79 +++++++++++++++++++++++++++++++++++++++++---
|
||||
1 file changed, 74 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/dlls/ntdll/process.c b/dlls/ntdll/process.c
|
||||
index 160b1f549c9..fd437ea07d4 100644
|
||||
--- a/dlls/ntdll/process.c
|
||||
+++ b/dlls/ntdll/process.c
|
||||
@@ -39,6 +39,9 @@
|
||||
WINE_DEFAULT_DEBUG_CHANNEL(process);
|
||||
|
||||
|
||||
+/* we don't want to include winuser.h */
|
||||
+#define CREATEPROCESS_MANIFEST_RESOURCE_ID ((ULONG_PTR)1)
|
||||
+
|
||||
/******************************************************************************
|
||||
* RtlGetCurrentPeb [NTDLL.@]
|
||||
*
|
||||
@@ -82,6 +85,63 @@ NTSTATUS WINAPI RtlWow64EnableFsRedirectionEx( ULONG disable, ULONG *old_value )
|
||||
}
|
||||
|
||||
|
||||
+static BOOL image_needs_elevation( const UNICODE_STRING *path )
|
||||
+{
|
||||
+ ACTIVATION_CONTEXT_RUN_LEVEL_INFORMATION run_level;
|
||||
+ UNICODE_STRING path0;
|
||||
+ BOOL ret = FALSE;
|
||||
+ HANDLE handle;
|
||||
+ ACTCTXW ctx;
|
||||
+
|
||||
+ if (RtlDuplicateUnicodeString( 1, path, &path0 ))
|
||||
+ return FALSE;
|
||||
+
|
||||
+ ctx.cbSize = sizeof(ctx);
|
||||
+ ctx.dwFlags = ACTCTX_FLAG_RESOURCE_NAME_VALID;
|
||||
+ ctx.lpSource = path0.Buffer;
|
||||
+ ctx.lpResourceName = (const WCHAR *)CREATEPROCESS_MANIFEST_RESOURCE_ID;
|
||||
+
|
||||
+ if (RtlCreateActivationContext( &handle, &ctx ))
|
||||
+ {
|
||||
+ RtlFreeUnicodeString( &path0 );
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+
|
||||
+ if (!RtlQueryInformationActivationContext( 0, handle, NULL, RunlevelInformationInActivationContext,
|
||||
+ &run_level, sizeof(run_level), NULL ))
|
||||
+ {
|
||||
+ TRACE( "image requested run level %#x\n", run_level.RunLevel );
|
||||
+ if (run_level.RunLevel == ACTCTX_RUN_LEVEL_HIGHEST_AVAILABLE
|
||||
+ || run_level.RunLevel == ACTCTX_RUN_LEVEL_REQUIRE_ADMIN)
|
||||
+ ret = TRUE;
|
||||
+ }
|
||||
+ RtlReleaseActivationContext( handle );
|
||||
+ RtlFreeUnicodeString( &path0 );
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+
|
||||
+static HANDLE get_elevated_token(void)
|
||||
+{
|
||||
+ TOKEN_ELEVATION_TYPE type;
|
||||
+ TOKEN_LINKED_TOKEN linked;
|
||||
+ NTSTATUS status;
|
||||
+
|
||||
+ if ((status = NtQueryInformationToken( GetCurrentThreadEffectiveToken(),
|
||||
+ TokenElevationType, &type, sizeof(type), NULL )))
|
||||
+ return NULL;
|
||||
+
|
||||
+ if (type == TokenElevationTypeFull) return NULL;
|
||||
+
|
||||
+
|
||||
+ if ((status = NtQueryInformationToken( GetCurrentThreadEffectiveToken(),
|
||||
+ TokenLinkedToken, &linked, sizeof(linked), NULL )))
|
||||
+ return NULL;
|
||||
+
|
||||
+ return linked.LinkedToken;
|
||||
+}
|
||||
+
|
||||
+
|
||||
/**********************************************************************
|
||||
* RtlWow64GetCurrentMachine (NTDLL.@)
|
||||
*/
|
||||
@@ -294,8 +354,15 @@ NTSTATUS WINAPI RtlCreateUserProcess( UNICODE_STRING *path, ULONG attributes,
|
||||
PS_CREATE_INFO create_info;
|
||||
ULONG_PTR buffer[offsetof( PS_ATTRIBUTE_LIST, Attributes[6] ) / sizeof(ULONG_PTR)];
|
||||
PS_ATTRIBUTE_LIST *attr = (PS_ATTRIBUTE_LIST *)buffer;
|
||||
+ HANDLE elevated_token = NULL;
|
||||
+ NTSTATUS status;
|
||||
UINT pos = 0;
|
||||
|
||||
+ /* It's not clear whether we should use path or ¶ms->ImagePathName here,
|
||||
+ * but Roblox Player tries to pass an empty string for the latter. */
|
||||
+ if (!token && image_needs_elevation( path ))
|
||||
+ token = elevated_token = get_elevated_token();
|
||||
+
|
||||
RtlNormalizeProcessParams( params );
|
||||
|
||||
attr->Attributes[pos].Attribute = PS_ATTRIBUTE_IMAGE_NAME;
|
||||
@@ -342,11 +409,13 @@ NTSTATUS WINAPI RtlCreateUserProcess( UNICODE_STRING *path, ULONG attributes,
|
||||
InitializeObjectAttributes( &process_attr, NULL, 0, NULL, process_descr );
|
||||
InitializeObjectAttributes( &thread_attr, NULL, 0, NULL, thread_descr );
|
||||
|
||||
- return NtCreateUserProcess( &info->Process, &info->Thread, PROCESS_ALL_ACCESS, THREAD_ALL_ACCESS,
|
||||
- &process_attr, &thread_attr,
|
||||
- inherit ? PROCESS_CREATE_FLAGS_INHERIT_HANDLES : 0,
|
||||
- THREAD_CREATE_FLAGS_CREATE_SUSPENDED, params,
|
||||
- &create_info, attr );
|
||||
+ status = NtCreateUserProcess( &info->Process, &info->Thread, PROCESS_ALL_ACCESS, THREAD_ALL_ACCESS,
|
||||
+ &process_attr, &thread_attr,
|
||||
+ inherit ? PROCESS_CREATE_FLAGS_INHERIT_HANDLES : 0,
|
||||
+ THREAD_CREATE_FLAGS_CREATE_SUSPENDED, params, &create_info, attr );
|
||||
+
|
||||
+ if (elevated_token) NtClose( elevated_token );
|
||||
+ return status;
|
||||
}
|
||||
|
||||
/***********************************************************************
|
||||
--
|
||||
2.32.0
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
Fixes: [40613] Multiple applications require UAC implementation to run installer/app as a normal user instead of administrator (WhatsApp Desktop, Smartflix, Squirrel Installers, OneDrive)
|
||||
Fixes: [39262] DiscordSetup.exe (.NET 4.5.2 app): Squirrell installer requires being run as unelevated process ('explorer.exe' should run unelevated by default with Vista+ setting)
|
Loading…
Reference in a new issue