fix pipe access control

2025-11-19 21:02:53 +08:00 · 2024-05-30 12:36:30 +08:00
parent c9ea4b358a
commit f8e9b4a1b3
2 changed files with 15 additions and 2 deletions
--- a/src/Snap.Hutao/Snap.Hutao/Control/Theme/InfoBarOverride.xaml
+++ b/src/Snap.Hutao/Snap.Hutao/Control/Theme/InfoBarOverride.xaml
@@ -244,7 +244,7 @@
                                        <Setter Target="IconBackground.Foreground" Value="{ThemeResource InfoBarInformationalSeverityIconBackground}"/>
                                        <Setter Target="StandardIcon.Text" Value="{StaticResource InfoBarInformationalIconGlyph}"/>
                                        <Setter Target="StandardIcon.Foreground" Value="{ThemeResource InfoBarInformationalSeverityIconForeground}"/>
-                                    </VisualState.Setters
+                                    </VisualState.Setters>
                                </VisualState>
                                <VisualState x:Name="Error">
                                    <VisualState.Setters>
--- a/src/Snap.Hutao/Snap.Hutao/Core/LifeCycle/InterProcess/PrivateNamedPipeServer.cs
+++ b/src/Snap.Hutao/Snap.Hutao/Core/LifeCycle/InterProcess/PrivateNamedPipeServer.cs
@@ -4,6 +4,8 @@
 using Snap.Hutao.Core.ExceptionService;
 using System.IO.Hashing;
 using System.IO.Pipes;
+using System.Security.AccessControl;
+using System.Security.Principal;

 namespace Snap.Hutao.Core.LifeCycle.InterProcess;

@@ -12,7 +14,7 @@ namespace Snap.Hutao.Core.LifeCycle.InterProcess;
 internal sealed partial class PrivateNamedPipeServer : IDisposable
 {
    private readonly PrivateNamedPipeMessageDispatcher messageDispatcher;
-
+    private readonly RuntimeOptions runtimeOptions;
    private readonly NamedPipeServerStream serverStream = new("Snap.Hutao.PrivateNamedPipe", PipeDirection.InOut, NamedPipeServerStream.MaxAllowedServerInstances, PipeTransmissionMode.Byte, PipeOptions.Asynchronous | PipeOptions.WriteThrough);
    private readonly CancellationTokenSource serverTokenSource = new();
    private readonly SemaphoreSlim serverSemaphore = new(1);
@@ -31,6 +33,17 @@ internal sealed partial class PrivateNamedPipeServer : IDisposable
    {
        using (await serverSemaphore.EnterAsync(serverTokenSource.Token).ConfigureAwait(false))
        {
+            if (runtimeOptions.IsElevated)
+            {
+                SecurityIdentifier everyOne = new(WellKnownSidType.WorldSid, null);
+                SecurityIdentifier users = new(WellKnownSidType.BuiltinUsersSid, null);
+
+                PipeSecurity pipeSecurity = new();
+                pipeSecurity.AddAccessRule(new PipeAccessRule(everyOne, PipeAccessRights.ReadWrite, AccessControlType.Allow));
+                pipeSecurity.AddAccessRule(new PipeAccessRule(users, PipeAccessRights.ReadWrite, AccessControlType.Allow));
+                serverStream.SetAccessControl(pipeSecurity);
+            }
+
            while (!serverTokenSource.IsCancellationRequested)
            {
                try