diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-08-30 13:32:12 -0600 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-09-01 21:46:47 -0600 |
commit | 32a11cfa559aa218c7577d26199622c84daf60f4 (patch) | |
tree | 0153613791126f06dc6ad4b89a6af023da3bad03 /manager | |
parent | mod: update dependencies (diff) | |
download | wireguard-windows-32a11cfa559aa218c7577d26199622c84daf60f4.tar.xz wireguard-windows-32a11cfa559aa218c7577d26199622c84daf60f4.zip |
manager: enforce client pipe ownership
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'manager')
-rw-r--r-- | manager/ipc_server.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/manager/ipc_server.go b/manager/ipc_server.go index 3bb92066..9b2aac43 100644 --- a/manager/ipc_server.go +++ b/manager/ipc_server.go @@ -15,6 +15,7 @@ import ( "os" "sync" "sync/atomic" + "syscall" "time" "golang.org/x/sys/windows" @@ -54,7 +55,11 @@ func (s *ManagerService) RuntimeConfig(tunnelName string, config *conf.Config) e if err != nil { return err } - pipe, err := winpipe.DialPipe(pipePath, nil) + localSystem, err := windows.CreateWellKnownSid(windows.WinLocalSystemSid) + if err != nil { + return err + } + pipe, err := winpipe.DialPipe(pipePath, nil, (*syscall.SID)(localSystem)) if err != nil { return err } |