зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1567219 - Add a metric to collect how many users launch a process with Admin but without UAC. r=aklotz
This patch adds a new Scalar metric `os.environment.is_admin_without_uac` that indicates the process is lauched with Admin privileges when UAC is turned off. Differential Revision: https://phabricator.services.mozilla.com/D42047 --HG-- extra : moz-landing-system : lando
This commit is contained in:
Родитель
3afd91eb53
Коммит
71cfbd4b5a
|
@ -60,6 +60,7 @@ TEST_DIRS += [
|
||||||
if CONFIG['MOZ_LAUNCHER_PROCESS']:
|
if CONFIG['MOZ_LAUNCHER_PROCESS']:
|
||||||
UNIFIED_SOURCES += [
|
UNIFIED_SOURCES += [
|
||||||
'/toolkit/xre/LauncherRegistryInfo.cpp',
|
'/toolkit/xre/LauncherRegistryInfo.cpp',
|
||||||
|
'/toolkit/xre/WinTokenUtils.cpp',
|
||||||
]
|
]
|
||||||
for var in ('MOZ_APP_BASENAME', 'MOZ_APP_VENDOR'):
|
for var in ('MOZ_APP_BASENAME', 'MOZ_APP_VENDOR'):
|
||||||
DEFINES[var] = '"%s"' % CONFIG[var]
|
DEFINES[var] = '"%s"' % CONFIG[var]
|
||||||
|
|
|
@ -682,6 +682,25 @@ sandbox:
|
||||||
operating_systems:
|
operating_systems:
|
||||||
- "windows"
|
- "windows"
|
||||||
|
|
||||||
|
os.environment:
|
||||||
|
is_admin_without_uac:
|
||||||
|
bug_numbers:
|
||||||
|
- 1567219
|
||||||
|
description: >
|
||||||
|
Indicates that the process is lauched with Admin privileges but without
|
||||||
|
UAC.
|
||||||
|
expires: never
|
||||||
|
kind: boolean
|
||||||
|
notification_emails:
|
||||||
|
- tkikuchi@mozilla.com
|
||||||
|
release_channel_collection: opt-out
|
||||||
|
products:
|
||||||
|
- 'firefox'
|
||||||
|
record_in_processes:
|
||||||
|
- main
|
||||||
|
operating_systems:
|
||||||
|
- "windows"
|
||||||
|
|
||||||
pictureinpicture:
|
pictureinpicture:
|
||||||
opened_method:
|
opened_method:
|
||||||
bug_numbers:
|
bug_numbers:
|
||||||
|
|
|
@ -0,0 +1,72 @@
|
||||||
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||||
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||||||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
#include "WinTokenUtils.h"
|
||||||
|
#include "nsWindowsHelpers.h"
|
||||||
|
|
||||||
|
using namespace mozilla;
|
||||||
|
|
||||||
|
// If |aToken| is nullptr, CheckTokenMembership uses the calling thread's
|
||||||
|
// primary token to check membership for.
|
||||||
|
static LauncherResult<bool> IsMemberOfAdministrators(
|
||||||
|
const nsAutoHandle& aToken) {
|
||||||
|
BYTE adminsGroupSid[SECURITY_MAX_SID_SIZE];
|
||||||
|
DWORD adminsGroupSidSize = sizeof(adminsGroupSid);
|
||||||
|
if (!CreateWellKnownSid(WinBuiltinAdministratorsSid, nullptr, adminsGroupSid,
|
||||||
|
&adminsGroupSidSize)) {
|
||||||
|
return LAUNCHER_ERROR_FROM_LAST();
|
||||||
|
}
|
||||||
|
|
||||||
|
BOOL isMember;
|
||||||
|
if (!CheckTokenMembership(aToken, adminsGroupSid, &isMember)) {
|
||||||
|
return LAUNCHER_ERROR_FROM_LAST();
|
||||||
|
}
|
||||||
|
return !!isMember;
|
||||||
|
}
|
||||||
|
|
||||||
|
static LauncherResult<bool> IsUacEnabled() {
|
||||||
|
DWORD len = sizeof(DWORD);
|
||||||
|
DWORD value;
|
||||||
|
LSTATUS status = RegGetValueW(
|
||||||
|
HKEY_LOCAL_MACHINE,
|
||||||
|
L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
|
||||||
|
L"EnableLUA", RRF_RT_DWORD, nullptr, &value, &len);
|
||||||
|
if (status != ERROR_SUCCESS) {
|
||||||
|
return LAUNCHER_ERROR_FROM_WIN32(status);
|
||||||
|
}
|
||||||
|
|
||||||
|
// UAC is disabled only when EnableLUA is 0.
|
||||||
|
return (value != 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
namespace mozilla {
|
||||||
|
|
||||||
|
LauncherResult<bool> IsAdminWithoutUac() {
|
||||||
|
// To check whether the process was launched with Administrator priviledges
|
||||||
|
// or not, we cannot simply check the integrity level of the current process
|
||||||
|
// because the launcher process spawns the browser process with the medium
|
||||||
|
// integrity level even though the launcher process is high integrity level.
|
||||||
|
// We check whether the thread's token contains Administratos SID or not
|
||||||
|
// instead.
|
||||||
|
LauncherResult<bool> containsAdminGroup =
|
||||||
|
IsMemberOfAdministrators(nsAutoHandle());
|
||||||
|
if (containsAdminGroup.isErr()) {
|
||||||
|
return LAUNCHER_ERROR_FROM_RESULT(containsAdminGroup);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!containsAdminGroup.unwrap()) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
LauncherResult<bool> isUacEnabled = IsUacEnabled();
|
||||||
|
if (isUacEnabled.isErr()) {
|
||||||
|
return LAUNCHER_ERROR_FROM_RESULT(isUacEnabled);
|
||||||
|
}
|
||||||
|
|
||||||
|
return !isUacEnabled.unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
|
} // namespace mozilla
|
|
@ -0,0 +1,18 @@
|
||||||
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||||
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||||||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
#ifndef mozilla_WinTokenUtils_h
|
||||||
|
#define mozilla_WinTokenUtils_h
|
||||||
|
|
||||||
|
#include "mozilla/LauncherResult.h"
|
||||||
|
|
||||||
|
namespace mozilla {
|
||||||
|
|
||||||
|
LauncherResult<bool> IsAdminWithoutUac();
|
||||||
|
|
||||||
|
} // namespace mozilla
|
||||||
|
|
||||||
|
#endif // mozilla_WinTokenUtils_h
|
|
@ -50,6 +50,7 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':
|
||||||
'ModuleVersionInfo_windows.h',
|
'ModuleVersionInfo_windows.h',
|
||||||
'PolicyChecks.h',
|
'PolicyChecks.h',
|
||||||
'WinDllServices.h',
|
'WinDllServices.h',
|
||||||
|
'WinTokenUtils.h',
|
||||||
]
|
]
|
||||||
UNIFIED_SOURCES += [
|
UNIFIED_SOURCES += [
|
||||||
'/toolkit/mozapps/update/common/updateutils_win.cpp',
|
'/toolkit/mozapps/update/common/updateutils_win.cpp',
|
||||||
|
@ -57,6 +58,7 @@ if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'windows':
|
||||||
'ModuleVersionInfo_windows.cpp',
|
'ModuleVersionInfo_windows.cpp',
|
||||||
'nsNativeAppSupportWin.cpp',
|
'nsNativeAppSupportWin.cpp',
|
||||||
'WinDllServices.cpp',
|
'WinDllServices.cpp',
|
||||||
|
'WinTokenUtils.cpp',
|
||||||
]
|
]
|
||||||
DEFINES['PROXY_PRINTING'] = 1
|
DEFINES['PROXY_PRINTING'] = 1
|
||||||
LOCAL_INCLUDES += [
|
LOCAL_INCLUDES += [
|
||||||
|
|
|
@ -113,6 +113,7 @@
|
||||||
# include "mozilla/WinHeaderOnlyUtils.h"
|
# include "mozilla/WinHeaderOnlyUtils.h"
|
||||||
# include "mozilla/mscom/ProcessRuntime.h"
|
# include "mozilla/mscom/ProcessRuntime.h"
|
||||||
# include "mozilla/widget/AudioSession.h"
|
# include "mozilla/widget/AudioSession.h"
|
||||||
|
# include "WinTokenUtils.h"
|
||||||
|
|
||||||
# if defined(MOZ_LAUNCHER_PROCESS)
|
# if defined(MOZ_LAUNCHER_PROCESS)
|
||||||
# include "mozilla/LauncherRegistryInfo.h"
|
# include "mozilla/LauncherRegistryInfo.h"
|
||||||
|
@ -4563,6 +4564,15 @@ nsresult XREMain::XRE_mainRun() {
|
||||||
CrashReporter::Annotation::ContentSandboxCapabilities, flagsString);
|
CrashReporter::Annotation::ContentSandboxCapabilities, flagsString);
|
||||||
#endif /* MOZ_SANDBOX && XP_LINUX */
|
#endif /* MOZ_SANDBOX && XP_LINUX */
|
||||||
|
|
||||||
|
#if defined(XP_WIN)
|
||||||
|
LauncherResult<bool> isAdminWithoutUac = IsAdminWithoutUac();
|
||||||
|
if (isAdminWithoutUac.isOk()) {
|
||||||
|
Telemetry::ScalarSet(
|
||||||
|
Telemetry::ScalarID::OS_ENVIRONMENT_IS_ADMIN_WITHOUT_UAC,
|
||||||
|
isAdminWithoutUac.unwrap());
|
||||||
|
}
|
||||||
|
#endif /* XP_WIN */
|
||||||
|
|
||||||
#if defined(MOZ_SANDBOX)
|
#if defined(MOZ_SANDBOX)
|
||||||
AddSandboxAnnotations();
|
AddSandboxAnnotations();
|
||||||
#endif /* MOZ_SANDBOX */
|
#endif /* MOZ_SANDBOX */
|
||||||
|
|
Загрузка…
Ссылка в новой задаче