VirtualBox

Changeset 52482 in vbox for trunk/src


Ignore:
Timestamp:
Aug 22, 2014 8:38:31 PM (11 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
95703
Message:

SUP: TrustedInstaller or LocalSystem, works around tumbleweed desktop validator issue.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp

    r52453 r52482  
    137137#endif /* IN_RING3 */
    138138
    139 /** The TrustedInstaller SID (Vista+). */
    140139static union
    141140{
    142141    SID                     Sid;
    143142    uint8_t                 abPadding[SECURITY_MAX_SID_SIZE];
    144 }                           g_TrustedInstallerSid;
     143}
     144/** The TrustedInstaller SID (Vista+). */
     145                            g_TrustedInstallerSid,
     146/** Local system ID (S-1-5-21). */
     147                            g_LocalSystemSid;
     148
    145149
    146150/** Set after we've retrived other SPC root certificates from the system. */
     
    411415
    412416/**
    413  * Checks if the file is owned by TrustedInstaller on Vista and later.
     417 * Checks if the file is owned by TrustedInstaller (Vista+) or similar.
    414418 *
    415419 * @returns true if owned by TrustedInstaller of pre-Vista, false if not.
     
    418422 * @param   pwszName            The name of the file.
    419423 */
    420 static bool supHardNtViCheckIsOwnedByTrustedInstaller(HANDLE hFile, PCRTUTF16 pwszName)
     424static bool supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(HANDLE hFile, PCRTUTF16 pwszName)
    421425{
    422426    if (g_uNtVerCombined < SUP_NT_VER_VISTA)
     
    442446    /*
    443447     * Check the owner.
     448     *
     449     * Initially we wished to only allow TrustedInstaller.  But a Winodws CAPI
     450     * plugin "Program Files\Tumbleweed\Desktop Validator\tmwdcapiclient.dll"
     451     * turned up owned by the local system user, and we cannot operate without
     452     * the plugin loaded once it's installed (WinVerityTrust fails).
    444453     */
    445454    PSID pOwner = uBuf.Rel.Control & SE_SELF_RELATIVE ? &uBuf.abView[uBuf.Rel.Owner] : uBuf.Abs.Owner;
    446455    Assert((uintptr_t)pOwner - (uintptr_t)&uBuf < sizeof(uBuf) - sizeof(SID));
    447456    if (RtlEqualSid(pOwner, &g_TrustedInstallerSid))
     457        return true;
     458    if (RtlEqualSid(pOwner, &g_LocalSystemSid))
    448459        return true;
    449460
     
    705716        /* Must be owned by trusted installer. (This test is superfuous, thus no relaxation here.) */
    706717        if (   !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    707             && !supHardNtViCheckIsOwnedByTrustedInstaller(hFile, pwszName))
     718            && !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
    708719            return rc;
    709720
     
    762773        /* Must be owned by trusted installer. */
    763774        if (   !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    764             && !supHardNtViCheckIsOwnedByTrustedInstaller(hFile, pwszName))
     775            && !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
    765776            return rc;
    766777        return VINF_LDRVI_NOT_SIGNED;
     
    779790
    780791        if (   !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    781             && !supHardNtViCheckIsOwnedByTrustedInstaller(hFile, pwszName))
     792            && !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
    782793            return rc;
    783794
     
    827838    {
    828839        if (   !(fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    829             && !supHardNtViCheckIsOwnedByTrustedInstaller(hFile, pwszName))
     840            && !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
    830841            return rc;
    831842        return VINF_LDRVI_NOT_SIGNED;
     
    837848     */
    838849    if (   (fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    839         || supHardNtViCheckIsOwnedByTrustedInstaller(hFile, pwszName))
     850        || supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(hFile, pwszName))
    840851        return VINF_LDRVI_NOT_SIGNED;
    841852
     
    10151026     * user32.dll.  Since we need user32.dll and will be checking it's digital
    10161027     * signature, it's reasonably safe to let this thru.
     1028     * (The report was of SECURITY_BUILTIN_DOMAIN_RID + DOMAIN_ALIAS_RID_ADMINS
     1029     * owning user32.dll, see public ticket 13187, VBoxStartup.3.log.)
    10171030     */
    10181031    if (   (pNtViRdr->fFlags & SUPHNTVI_F_TRUSTED_INSTALLER_OWNER)
    1019         && !supHardNtViCheckIsOwnedByTrustedInstaller(pNtViRdr->hFile, pwszName))
     1032        && !supHardNtViCheckIsOwnedByTrustedInstallerOrSimilar(pNtViRdr->hFile, pwszName))
    10201033    {
    10211034        if (!supHardViUtf16PathStartsWithEx(pwszName, (uint32_t)RTUtf16Len(pwszName),
     
    16151628                *RtlSubAuthoritySid(&g_TrustedInstallerSid, 4) = 1853292631;
    16161629                *RtlSubAuthoritySid(&g_TrustedInstallerSid, 5) = 2271478464;
    1617                 return VINF_SUCCESS;
     1630
     1631                if (NT_SUCCESS(rcNt))
     1632                    rcNt = RtlInitializeSid(&g_LocalSystemSid, &s_NtAuth, 1);
     1633                if (NT_SUCCESS(rcNt))
     1634                {
     1635                    *RtlSubAuthoritySid(&g_LocalSystemSid, 0) = SECURITY_LOCAL_SYSTEM_RID;
     1636                    return VINF_SUCCESS;
     1637                }
    16181638            }
    16191639            rc = RTErrConvertFromNtStatus(rcNt);
Note: See TracChangeset for help on using the changeset viewer.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette