Commit Graph

11 Commits

Author SHA1 Message Date
Alistair Leslie-Hughes
5a5c5a5743 Rebase against a87bafc5b92c9f2deaa399e32a8ec42d28f7ea45. 2021-08-25 09:53:24 +10:00
Zebediah Figura
b09fe464be server-default_integrity: Use "path" instead of ImagePathName to read the manifest.
Also, while we're at it, don't depend on the path being null-terminated.
2021-08-14 17:35:45 -05:00
Zebediah Figura
a7ae280480 Rebase against 52ba1b498a9694daf804c9aea99c788bb4e753a3. 2021-07-01 16:56:20 -05:00
Zebediah Figura
8988a92bee Rebase against 0ec555e58ea9d5b33f4c825e96965ad0cb15d00f. 2021-06-30 17:34:42 -05:00
Zebediah Figura
fd5866f6f1 server-default_integrity: Remove the NOCLOBBER flag from EnableLUA.
Otherwise old prefixes will never get changed (cf. [1] for why this is a bad
thing). I don't think there's any reason the user should be manually modifying
this; in theory it's configurable but in practice there's no way to ask the
user to enter credentials.

[1] https://bugs.winehq.org/show_bug.cgi?id=40613#c39
2021-06-19 11:21:22 -05:00
Alistair Leslie-Hughes
876024f44f Rebase against afd5550b07f6d55e56738f61d829085d6bc82888. 2021-06-17 10:06:41 +10:00
Alistair Leslie-Hughes
34afd80e2e Rebase against 8ddff3f51faca2c0824e204a69f69e241fb93d15. 2021-05-26 10:17:35 +10:00
Zebediah Figura
be3928a809 server-default_integrity: Elevate processes if the manifest requests.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=51000
2021-05-21 22:11:04 -05:00
Zebediah Figura
180ba8c931 server-default_integrity: Create the MSI custom action server as an elevated process. 2021-05-16 20:52:14 -05:00
Zebediah Figura
dfc989712e server-default_integrity: Support the "runas" verb, and set EnableLUA to 1.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=50727
2021-02-26 22:47:31 -06:00
Zebediah Figura
811467bf6a server-default_integrity: New patch set.
This patch set, as an alternative approach to advapi32-Token_Integrity_Level,
creates all processes as a limited administrator by default. This doesn't
actually seem to break most applications, apparently since they assume that
their manifest is enough to force them to run as administrator and don't bother
verifying that's what they get, and since we don't actually prevent accessing
low-integrity objects. I'm adding this patch to wine-staging in order to smoke
out any applications that might be broken, as it's still a very risky patch.
2021-02-17 20:57:47 -06:00