From 2f101fedec51ac87e53fc9c00720f0069893b9ee Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Fri, 19 Jul 2019 15:34:26 +0200
Subject: ipc: windows: match SDDL of WDK and make monkeyable

---
 ipc/uapi_windows.go | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/ipc/uapi_windows.go b/ipc/uapi_windows.go
index 32d5524..4073c97 100644
--- a/ipc/uapi_windows.go
+++ b/ipc/uapi_windows.go
@@ -47,20 +47,12 @@ func (l *UAPIListener) Addr() net.Addr {
 	return l.listener.Addr()
 }
 
-func GetSystemSecurityDescriptor() string {
-	//
-	// SDDL encoded.
-	//
-	// (system = SECURITY_NT_AUTHORITY | SECURITY_LOCAL_SYSTEM_RID)
-	// owner: system
-	// grant: GENERIC_ALL to system
-	//
-	return "O:SYD:(A;;GA;;;SY)"
-}
+/* SDDL_DEVOBJ_SYS_ALL from the WDK */
+var UAPISecurityDescriptor = "O:SYD:P(A;;GA;;;SY)"
 
 func UAPIListen(name string) (net.Listener, error) {
 	config := winpipe.PipeConfig{
-		SecurityDescriptor: GetSystemSecurityDescriptor(),
+		SecurityDescriptor: UAPISecurityDescriptor,
 	}
 	listener, err := winpipe.ListenPipe("\\\\.\\pipe\\WireGuard\\"+name, &config)
 	if err != nil {
-- 
cgit v1.2.3-59-g8ed1b