diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-04 10:04:33 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-04 10:04:33 +0200 |
| commit | 0b4e08815ae806c000b4c27f427e118cbbc09725 (patch) | |
| tree | 8ee71684e732ce23809df007414d3df300c05b2f /service | |
| parent | ui: show custom connected and disconnected icons in balloon (diff) | |
| download | wireguard-windows-0b4e08815ae806c000b4c27f427e118cbbc09725.tar.xz wireguard-windows-0b4e08815ae806c000b4c27f427e118cbbc09725.zip | |
service: temporarily disable security attributes
This must be reverted before we release! See big source code comment.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'service')
| -rw-r--r-- | service/service_manager.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/service/service_manager.go b/service/service_manager.go index 069bf459..715b4257 100644 --- a/service/service_manager.go +++ b/service/service_manager.go @@ -246,9 +246,19 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest log.Printf("Starting UI process for user: '%s@%s'", username, domain) attr := &os.ProcAttr{ Sys: &syscall.SysProcAttr{ - Token: syscall.Token(userToken), + Token: syscall.Token(userToken), + + /* TODO: XXX: BUG: HACK: DO NOT SHIP WITH THIS COMMENT: + * These next two lines are commented out, because: + * - We're uncertain of their correctness, especially with regards to integrity level. + * - The permissions are too tight and they interfere with some UI things like notification + * balloon icons. + * These will be reenabled once we've figured out the right way to do it, and this + * program should not ship until we've done so. + ProcessAttributes: &securityAttributes, ThreadAttributes: &securityAttributes, + */ }, Files: []*os.File{devNull, devNull, devNull}, Env: env, |