[*] NT security: do not contaminate the caller thread of AuProcesses with user-switching elevation.

2024-11-18 21:29:04 +00:00 · 2024-11-18 21:29:04 +00:00 · e63903d0f4
commit e63903d0f4
parent 188dfd9459
1 changed files with 45 additions and 11 deletions
--- a/Source/Processes/AuProcessElevation.NT.cpp
+++ b/Source/Processes/AuProcessElevation.NT.cpp
@ -650,16 +650,16 @@ namespace Aurora::Processes

        }

-        BOOL Exec(LPCWSTR               lpApplicationName,
-                  LPWSTR                lpCommandLine,
-                  LPSECURITY_ATTRIBUTES lpProcessAttributes,
-                  LPSECURITY_ATTRIBUTES lpThreadAttributes,
-                  BOOL                  bInheritHandles,
-                  DWORD                 dwCreationFlags,
-                  LPVOID                lpEnvironment,
-                  LPCWSTR               lpCurrentDirectory,
-                  LPSTARTUPINFOW        lpStartupInfo,
-                  LPPROCESS_INFORMATION lpProcessInformation)
+        BOOL ExecOnThread(LPCWSTR               lpApplicationName,
+                          LPWSTR                lpCommandLine,
+                          LPSECURITY_ATTRIBUTES lpProcessAttributes,
+                          LPSECURITY_ATTRIBUTES lpThreadAttributes,
+                          BOOL                  bInheritHandles,
+                          DWORD                 dwCreationFlags,
+                          LPVOID                lpEnvironment,
+                          LPCWSTR               lpCurrentDirectory,
+                          LPSTARTUPINFOW        lpStartupInfo,
+                          LPPROCESS_INFORMATION lpProcessInformation)
        {
            DWORD dwSesssionId;
            GetCurrentSessionId(dwSesssionId);
@ -993,6 +993,40 @@ namespace Aurora::Processes
                pSetSecurityDescriptorDacl(&this->sd, TRUE, NULL, FALSE);
            }
        }
+    
+        BOOL Exec(LPCWSTR               lpApplicationName,
+                  LPWSTR                lpCommandLine,
+                  LPSECURITY_ATTRIBUTES lpProcessAttributes,
+                  LPSECURITY_ATTRIBUTES lpThreadAttributes,
+                  BOOL                  bInheritHandles,
+                  DWORD                 dwCreationFlags,
+                  LPVOID                lpEnvironment,
+                  LPCWSTR               lpCurrentDirectory,
+                  LPSTARTUPINFOW        lpStartupInfo,
+                  LPPROCESS_INFORMATION lpProcessInformation)
+        {
+            BOOL bRet = false;
+        
+            if (auto pThread = AuThreads::Spawn([&]()
+            {
+                bRet = ExecOnThread(lpApplicationName,
+                                    lpCommandLine,
+                                    lpProcessAttributes,
+                                    lpThreadAttributes,
+                                    bInheritHandles,
+                                    dwCreationFlags,
+                                    lpEnvironment,
+                                    lpCurrentDirectory,
+                                    lpStartupInfo,
+                                    lpProcessInformation);
+        
+            }, false))
+            {
+                pThread->GetShutdownWaitable()->Lock();
+            }
+        
+            return bRet;
+        }
    };

    AUKN_SYM void RunAs(StartupParameters &startupParameters,
@ -1008,7 +1042,7 @@ namespace Aurora::Processes
                                                               std::placeholders::_7, std::placeholders::_8,
                                                               std::placeholders::_9, std::placeholders::_10);
        startupParameters.ntFixSharedHandleAttrs = std::bind(&SecureRunAs::FixSharedAttrs, pThat,
-                                                               std::placeholders::_1);
+                                                             std::placeholders::_1);

    }
 }