authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-12-05 13:27:13 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-12-05 13:35:27 +0100
commit4a215c2ddbb3a960c28f9f5a79e3d7ad8de77496 (patch)
treeacec97645d5379158edc16c09236d0776868759e /src/Common/Dlgcode.c
parent27d1f404f1dd187e56cbd9fa9b7d56da2fa55eb3 (diff)
Windows: Modify memory process protection when running with admin privileges to allow calling functions needed for CVE-2019-19501 fix while still protecting against memory access by non-admin processes.
Diffstat (limited to 'src/Common/Dlgcode.c')
-rw-r--r--src/Common/Dlgcode.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 39db3936..47578b27 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -14017,6 +14017,17 @@ BOOL EnableProcessProtection()
PACL pACL = NULL;
DWORD cbACL = 0;
+ // Acces mask
+ DWORD dwAccessMask = SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE; // same as protected process
+
+ if (IsAdmin ())
+ {
+ // if we are running elevated, we allow CreateProcessXXX calls alongside PROCESS_DUP_HANDLE and PROCESS_QUERY_INFORMATION in order to be able
+ // to implement secure way to open URLs (cf RunAsDesktopUser)
+ // we are still protecting against memory access from non-admon processes
+ dwAccessMask |= PROCESS_CREATE_PROCESS | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION;
+ }
+
// Open the access token associated with the calling process
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
goto Cleanup;
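Review bot: The comment in the `IsAdmin ()` branch says non-admin processes are still kept away from memory, but the widened `dwAccessMask` is granted in the second hunk to `pTokenUser->User.Sid`, the process's own user, so the ACE by itself does not separate admin from non-admin callers running as that user. Presumably the separation comes from integrity levels, which nothing in these hunks shows, and the comment should name the mechanism it relies on. `PROCESS_DUP_HANDLE` is a broad right because it reaches every handle the process holds, so it is worth confirming that RunAsDesktopUser really needs it and documenting why. A comment along the lines of `// elevated only: rights required by RunAsDesktopUser; isolation from non-admin processes relies on <mechanism to confirm>, not on this ACE` would make that explicit, and "Acces" and "non-admon" should read "Access" and "non-admin". The body of EnableProcessProtection starts and ends outside the hunk, so any handling that happens elsewhere in the function is not visible here.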
@@ -14055,7 +14066,7 @@ BOOL EnableProcessProtection()
if (!AddAccessAllowedAce(
pACL,
ACL_REVISION,
- SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE, // same as protected process
+ dwAccessMask,
pTokenUser->User.Sid // pointer to the trustee's SID
)) {
goto Cleanup;