fix Issue #1244

2022-12-14 00:51:43 +08:00 · 2022-12-14 00:51:43 +08:00 · 5ee3e3f347
commit 5ee3e3f347
parent 856f84d37a
2 changed files with 46 additions and 4 deletions
--- a/src/platform/windows.rs
+++ b/src/platform/windows.rs
@ -439,6 +439,7 @@ extern "C" {
    fn win32_disable_lowlevel_keyboard(hwnd: HWND);
    fn win_stop_system_key_propagate(v: BOOL);
    fn is_win_down() -> BOOL;
+    fn is_local_system() -> BOOL;
 }

 extern "system" {
@ -718,10 +719,10 @@ pub fn set_share_rdp(enable: bool) {
 }

 pub fn get_active_username() -> String {
-    let name = crate::username();
-    if name != "SYSTEM" {
-        return name;
+    if !is_root() {
+        return crate::username();
    }
+
    extern "C" {
        fn get_active_user(path: *mut u16, n: u32, rdp: BOOL) -> u32;
    }
@ -757,7 +758,8 @@ pub fn is_prelogin() -> bool {
 }

 pub fn is_root() -> bool {
-    crate::username() == "SYSTEM"
+    // https://stackoverflow.com/questions/4023586/correct-way-to-find-out-if-a-service-is-running-as-the-system-user
+    unsafe { is_local_system() == TRUE }
 }

 pub fn lock_screen() {
--- a/src/windows.cc
+++ b/src/windows.cc
@ -588,4 +588,44 @@ extern "C"
        stop_system_key_propagate = v;
    }

+    // https://stackoverflow.com/questions/4023586/correct-way-to-find-out-if-a-service-is-running-as-the-system-user
+    BOOL is_local_system()
+    {
+        HANDLE hToken;
+        UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
+        PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
+        ULONG cbTokenUser;
+        SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
+        PSID pSystemSid;
+        BOOL bSystem;
+
+        // open process token
+        if (!OpenProcessToken(GetCurrentProcess(),
+                              TOKEN_QUERY,
+                              &hToken))
+            return FALSE;
+
+        // retrieve user SID
+        if (!GetTokenInformation(hToken, TokenUser, pTokenUser,
+                                 sizeof(bTokenUser), &cbTokenUser))
+        {
+            CloseHandle(hToken);
+            return FALSE;
+        }
+
+        CloseHandle(hToken);
+
+        // allocate LocalSystem well-known SID
+        if (!AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID,
+                                      0, 0, 0, 0, 0, 0, 0, &pSystemSid))
+            return FALSE;
+
+        // compare the user SID from the token with the LocalSystem SID
+        bSystem = EqualSid(pTokenUser->User.Sid, pSystemSid);
+
+        FreeSid(pSystemSid);
+
+        return bSystem;
+    }
+
 } // end of extern "C"