Wrong NamedPipe name was used when elevating as another user. Fixes #4

gerardog · Jan 8, 2020 · f1b999c · f1b999c
1 parent a057b41
commit f1b999c
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 8 deletions.
diff --git a/src/gsudo/Commands/RunCommand.cs b/src/gsudo/Commands/RunCommand.cs
@@ -6,6 +6,7 @@
 using System.Diagnostics;
 using System.Linq;
 using System.Runtime.Serialization.Formatters.Binary;
+using System.Security.Principal;
 using System.Threading.Tasks;
 
 namespace gsudo.Commands
@@ -104,6 +105,7 @@ public async Task<int> Execute()
             {
                 Logger.Instance.Log($"Using Console mode {elevationRequest.Mode}", LogLevel.Debug);
                 var callingPid = GetCallingPid(currentProcess);
+                var callingSid = WindowsIdentity.GetCurrent().User.Value;
                 Logger.Instance.Log($"Caller ProcessId is {callingPid}", LogLevel.Debug);
 
                 var cmd = CommandToRun.FirstOrDefault();
@@ -130,7 +132,7 @@ public async Task<int> Execute()
                         Logger.Instance.Log("Elevating process...", LogLevel.Debug);
 
                         var dbg = GlobalSettings.Debug ? "--debug " : string.Empty;
-                        using (var process = ProcessFactory.StartElevatedDetached(currentProcess.MainModule.FileName, $"{dbg}gsudoservice {callingPid} {GlobalSettings.LogLevel}", !GlobalSettings.Debug))
+                        using (var process = ProcessFactory.StartElevatedDetached(currentProcess.MainModule.FileName, $"{dbg}gsudoservice {callingPid} {callingSid} {GlobalSettings.LogLevel}", !GlobalSettings.Debug))
                         {
                             Logger.Instance.Log("Elevated instance started.", LogLevel.Debug);
                         }
@@ -157,7 +159,6 @@ public async Task<int> Execute()
                     connection?.Dispose();
                 }
             }
-
         }
 
         private static int GetCallingPid(Process currentProcess)

diff --git a/src/gsudo/Commands/ServiceCommand.cs b/src/gsudo/Commands/ServiceCommand.cs
@@ -12,6 +12,7 @@ namespace gsudo.Commands
     class ServiceCommand : ICommand
     {
         public int allowedPid { get; set; }
+        public string allowedSid { get; set; }
 
         public LogLevel? LogLvl { get; set; }
 
@@ -78,7 +79,7 @@ private static IProcessHost CreateProcessHost(ElevationRequest request)
 
         private IRpcServer CreateServer()
         {
-            return new NamedPipeServer(allowedPid);
+            return new NamedPipeServer(allowedPid, allowedSid);
         }
 
         private async Task<ElevationRequest> ReadElevationRequest(Stream dataPipe)

diff --git a/src/gsudo/Helpers/ArgumentsHelper.cs b/src/gsudo/Helpers/ArgumentsHelper.cs
@@ -168,14 +168,15 @@ internal static ICommand ParseCommand(string[] args)
             {
                 bool hasLoglevel = false;
                 LogLevel logLevel = LogLevel.Info;
-                if (args.Length>2)
+                if (args.Length>3)
                 {
-                    hasLoglevel = Enum.TryParse<LogLevel>(args[2], true, out logLevel);
+                    hasLoglevel = Enum.TryParse<LogLevel>(args[3], true, out logLevel);
                 }
 
                 return new ServiceCommand()
                 {
                     allowedPid = int.Parse(args[1], CultureInfo.InvariantCulture),
+                    allowedSid = args[2],
                     LogLvl = hasLoglevel ? logLevel : (LogLevel?)null,
                 };
             }

diff --git a/src/gsudo/Rpc/NamedPipeServer.cs b/src/gsudo/Rpc/NamedPipeServer.cs
@@ -13,28 +13,30 @@ namespace gsudo.Rpc
     class NamedPipeServer : IRpcServer
     {
         private readonly int _allowedPid;
+        private readonly string _allowedSid;
         CancellationTokenSource cancellationTokenSource = new CancellationTokenSource();
 
         public event EventHandler<Connection> ConnectionAccepted;
         public event EventHandler<Connection> ConnectionClosed;
 
         const int MAX_SERVER_INSTANCES = 20;
 
-        public NamedPipeServer(int AllowedPid)
+        public NamedPipeServer(int AllowedPid, string AllowedSid)
         {
             _allowedPid = AllowedPid;
+            _allowedSid = AllowedSid;
         }
 
         public async Task Listen()
         {
             var ps = new PipeSecurity();
 
             ps.AddAccessRule(new PipeAccessRule(
-                WindowsIdentity.GetCurrent().User,
+                new SecurityIdentifier(_allowedSid),
                 PipeAccessRights.ReadWrite | PipeAccessRights.CreateNewInstance,
                 AccessControlType.Allow));
 
-            var pipeName = GetPipeName(_allowedPid);
+            var pipeName = GetPipeName(_allowedSid, _allowedPid);
             Logger.Instance.Log($"Using named pipe {pipeName}.", LogLevel.Debug);
 
             Logger.Instance.Log($"Access allowed only for ProcessID {_allowedPid} and childs", LogLevel.Debug);