runner: initialize COM security, so toast notifications work in elevated context from non-admin account (#5314)

2026-04-05 02:36:19 +02:00 · 2020-08-05 19:06:50 +03:00
parent 814f6213fa
commit 59ebe30b72
7 changed files with 97 additions and 78 deletions
--- a/src/settings/main.cpp
+++ b/src/settings/main.cpp
@@ -7,7 +7,7 @@
 #include "resource.h"
 #include <common/dpi_aware.h>
 #include <common/common.h>
-#include <Sddl.h>
+#include <common/comUtils.h>

 #include "trace.h"

@@ -493,8 +493,10 @@ void parse_args()
    LocalFree(argument_list);
 }

-bool initialize_com_security_policy_for_webview()
+int WINAPI WinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPSTR lpCmdLine, _In_ int nShowCmd)
 {
+    Trace::RegisterProvider();
+    CoInitialize(nullptr);
    const wchar_t* security_descriptor =
        L"O:BA" // Owner: Builtin (local) administrator
        L"G:BA" // Group: Builtin (local) administrator
@@ -505,69 +507,8 @@ bool initialize_com_security_policy_for_webview()
        L"(A;;0x3;;;S-1-15-3-1310292540-1029022339-4008023048-2190398717-53961996-4257829345-603366646)" // Access allowed on COM_RIGHTS_EXECUTE, & _LOCAL for Win32WebViewHost package capability
        L"S:"
        L"(ML;;NX;;;LW)"; // Integrity label on No execute up for Low mandatory level
-    PSECURITY_DESCRIPTOR self_relative_sd{};
-    if (!ConvertStringSecurityDescriptorToSecurityDescriptorW(security_descriptor, SDDL_REVISION_1, &self_relative_sd, nullptr))
-    {
-        return false;
-    }

-    on_scope_exit free_relative_sd([&] {
-        LocalFree(self_relative_sd);
-    });
-
-    DWORD absolute_sd_size = 0;
-    DWORD dacl_size = 0;
-    DWORD group_size = 0;
-    DWORD owner_size = 0;
-    DWORD sacl_size = 0;
-
-    if (!MakeAbsoluteSD(self_relative_sd, nullptr, &absolute_sd_size, nullptr, &dacl_size, nullptr, &sacl_size, nullptr, &owner_size, nullptr, &group_size))
-    {
-        if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
-        {
-            return false;
-        }
-    }
-
-    typed_storage<SECURITY_DESCRIPTOR> absolute_sd{ absolute_sd_size };
-    typed_storage<ACL> dacl{ dacl_size };
-    typed_storage<ACL> sacl{ sacl_size };
-    typed_storage<SID> owner{ owner_size };
-    typed_storage<SID> group{ group_size };
-
-    if (!MakeAbsoluteSD(self_relative_sd,
-                        absolute_sd,
-                        &absolute_sd_size,
-                        dacl,
-                        &dacl_size,
-                        sacl,
-                        &sacl_size,
-                        owner,
-                        &owner_size,
-                        group,
-                        &group_size))
-    {
-        return false;
-    }
-
-    return !FAILED(CoInitializeSecurity(
-        absolute_sd,
-        -1,
-        nullptr,
-        nullptr,
-        RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
-        RPC_C_IMP_LEVEL_IDENTIFY,
-        nullptr,
-        EOAC_DYNAMIC_CLOAKING | EOAC_DISABLE_AAA,
-        nullptr));
-}
-
-int WINAPI WinMain(_In_ HINSTANCE hInstance, _In_opt_ HINSTANCE hPrevInstance, _In_ LPSTR lpCmdLine, _In_ int nShowCmd)
-{
-    Trace::RegisterProvider();
-    CoInitialize(nullptr);
-
-    const bool should_try_drop_privileges = !initialize_com_security_policy_for_webview() && is_process_elevated(false);
+    const bool should_try_drop_privileges = !initializeCOMSecurity(security_descriptor) && is_process_elevated(false);

    if (should_try_drop_privileges)
    {