Skip to content

Commit

Permalink
win,msi: use localized "Authenticated Users" name
Browse files Browse the repository at this point in the history
Well known user account names are localized on Windows. Look up the
"Authenticated Users" user by its security identifier to get the
localized name.

PR-URL: #39241
Fixes: #39224
Refs: e817ba7
Refs: https://hackerone.com/reports/1211160
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
  • Loading branch information
richardlau committed Jul 5, 2021
1 parent 64e4837 commit e9cf120
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 2 deletions.
31 changes: 31 additions & 0 deletions tools/msvs/msi/custom_actions.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
#include <windows.h>
#include <msiquery.h>
#include <wcautil.h>
#include <sddl.h>
#include <Lmcons.h>

#define GUID_BUFFER_SIZE 39 // {8-4-4-4-12}\0

Expand Down Expand Up @@ -96,6 +98,35 @@ extern "C" UINT WINAPI BroadcastEnvironmentUpdate(MSIHANDLE hInstall) {
return WcaFinalize(er);
}

#define AUTHENTICATED_USERS_SID L"S-1-5-11"

extern "C" UINT WINAPI GetLocalizedUserNames(MSIHANDLE hInstall) {
HRESULT hr = S_OK;
UINT er = ERROR_SUCCESS;
TCHAR userName[UNLEN + 1] = {0};
DWORD userNameSize = UNLEN + 1;
TCHAR domain[DNLEN + 1] = {0};
DWORD domainSize = DNLEN + 1;
PSID sid;
SID_NAME_USE nameUse;

hr = WcaInitialize(hInstall, "GetLocalizedUserNames");
ExitOnFailure(hr, "Failed to initialize");

er = ConvertStringSidToSidW(AUTHENTICATED_USERS_SID, &sid);
ExitOnLastError(er, "Failed to convert security identifier");

er = LookupAccountSidW(NULL, sid, userName, &userNameSize, domain, &domainSize, &nameUse);
ExitOnLastError(er, "Failed to lookup security identifier");

MsiSetProperty(hInstall, L"AUTHENTICATED_USERS", userName);
ExitOnWin32Error(er, hr, "Failed to set localized Authenticated User name");

LExit:
er = SUCCEEDED(hr) ? ERROR_SUCCESS : ERROR_INSTALL_FAILURE;
LocalFree(sid);
return WcaFinalize(er);
}

extern "C" BOOL WINAPI DllMain(HINSTANCE hInst, ULONG ulReason, VOID* dummy) {
switch (ulReason) {
Expand Down
1 change: 1 addition & 0 deletions tools/msvs/msi/custom_actions.def
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,4 @@ LIBRARY "custom_actions"
EXPORTS
SetInstallScope
BroadcastEnvironmentUpdate
GetLocalizedUserNames
9 changes: 7 additions & 2 deletions tools/msvs/msi/product.wxs
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,6 @@
<Property Id="WIXUI_INSTALLDIR" Value="INSTALLDIR"/>

<!-- PropertyRef of the account users for setting InstallDir permission explicitly -->
<Property Id="AUTHENTICATED_USERS" Value="Authenticated Users"/>

<PropertyRef Id="WIX_ACCOUNT_LOCALSYSTEM" />
<PropertyRef Id="WIX_ACCOUNT_USERS" />
<PropertyRef Id="WIX_ACCOUNT_ADMINISTRATORS" />
Expand Down Expand Up @@ -329,6 +327,12 @@
Execute="immediate"
Return="check" />

<CustomAction Id="GetLocalizedUserNames"
BinaryKey="CustomActionsDLL"
DllEntry="GetLocalizedUserNames"
Execute="immediate"
Return="check" />

<Property Id="WixShellExecTarget" Value="[#InstallToolsBat]" />
<CustomAction Id="LaunchApplication" BinaryKey="WixCA" DllEntry="WixShellExec" />

Expand All @@ -338,6 +342,7 @@

<InstallExecuteSequence>
<Custom Action='SetInstallScope' Before='FindRelatedProducts'/>
<Custom Action='GetLocalizedUserNames' After='SetInstallScope'/>
<Custom Action='BroadcastEnvironmentUpdate' After='InstallFinalize'/>
</InstallExecuteSequence>

Expand Down

0 comments on commit e9cf120

Please sign in to comment.