From 1c48bd493c1fa4f5a2b93bd63cdf2ebea72fbd3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=B0smail=20Y=C4=B1lmaz?= <32938453+ismail-yilmaz@users.noreply.github.com> Date: Fri, 18 Apr 2025 13:46:36 +0300 Subject: [PATCH] Core: ProcessHasAdminRights() function is added to utility functions. (#242) * Core: ProcessHasAdminRights() function is added to utility functions. * reference/DetectPrivegedProcess: Cosmetics. * Core: ProcessHasAdminRights() renamed as IsAdmin() * Core: IsAdmin() renamed as IsUserAdmin(). --- .../DetectPrivilegedProcess.upp | 11 +++++++++ reference/DetectPrivilegedProcess/main.cpp | 12 ++++++++++ uppsrc/Core/App.cpp | 24 +++++++++++++++++++ uppsrc/Core/App.h | 2 ++ uppsrc/Core/src.tpp/AppEnv_en-us.tpp | 5 ++++ 5 files changed, 54 insertions(+) create mode 100644 reference/DetectPrivilegedProcess/DetectPrivilegedProcess.upp create mode 100644 reference/DetectPrivilegedProcess/main.cpp diff --git a/reference/DetectPrivilegedProcess/DetectPrivilegedProcess.upp b/reference/DetectPrivilegedProcess/DetectPrivilegedProcess.upp new file mode 100644 index 000000000..3abf291b5 --- /dev/null +++ b/reference/DetectPrivilegedProcess/DetectPrivilegedProcess.upp @@ -0,0 +1,11 @@ +description "Detects and warns if the app is running in root/admin mode.\377"; + +uses + CtrlLib; + +file + main.cpp; + +mainconfig + "" = "GUI"; + diff --git a/reference/DetectPrivilegedProcess/main.cpp b/reference/DetectPrivilegedProcess/main.cpp new file mode 100644 index 000000000..f437c2c14 --- /dev/null +++ b/reference/DetectPrivilegedProcess/main.cpp @@ -0,0 +1,12 @@ +#include + +using namespace Upp; + +GUI_APP_MAIN +{ + // Run the example as administrator (Windows) or as root (POSIX) to get the warning. + if(IsUserAdmin()) + Exclamation(t_("Warning: Application has administrator/root rights.&This might pose a security risk!")); + else + PromptOK(t_("Application has user rights.")); +} diff --git a/uppsrc/Core/App.cpp b/uppsrc/Core/App.cpp index f283497c5..a27dec906 100644 --- a/uppsrc/Core/App.cpp +++ b/uppsrc/Core/App.cpp @@ -864,5 +864,29 @@ String GetProgramDataFolder() { return String("/var/opt"); } #endif +bool IsUserAdmin() +{ +#ifdef PLATFORM_POSIX + return geteuid() == 0; +#elif PLATFORM_WIN32 + BOOL isAdmin = FALSE; + PSID pAdminGroup = nullptr; + SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY; + if(AllocateAndInitializeSid( + &NtAuthority, + 2, + SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_ADMINS, + 0, 0, 0, 0, 0, 0, + &pAdminGroup)) { + CheckTokenMembership(nullptr, pAdminGroup, &isAdmin); + FreeSid(pAdminGroup); + } + return isAdmin; +#else + // Unsupported platform. (Assume no elevation.) + return false; +#endif +} } \ No newline at end of file diff --git a/uppsrc/Core/App.h b/uppsrc/Core/App.h index 1a0b572af..484de2a7d 100644 --- a/uppsrc/Core/App.h +++ b/uppsrc/Core/App.h @@ -116,4 +116,6 @@ String GetTemplatesFolder(); String GetDownloadFolder(); String GetProgramDataFolder(); +bool IsUserAdmin(); + void InstallCrashHook(void (*h)()); \ No newline at end of file diff --git a/uppsrc/Core/src.tpp/AppEnv_en-us.tpp b/uppsrc/Core/src.tpp/AppEnv_en-us.tpp index 5473112b5..00a1b364f 100644 --- a/uppsrc/Core/src.tpp/AppEnv_en-us.tpp +++ b/uppsrc/Core/src.tpp/AppEnv_en-us.tpp @@ -224,6 +224,11 @@ tring]_[* GetDesktopManager]()&] the value of `"DESKTOP`_SESSION`" environment variable is returned.&] [s3; &] [s4; &] +[s5;:Upp`:`:IsUserAdmin`(`): [@(0.0.255) bool] [* IsUserAdmin]()&] +[s2;%% Return true if the current process is running as administrator +(Windows) or root (POSIX).&] +[s3; &] +[s4; &] [s5;:LaunchWebBrowser`(const String`&`): [@(0.0.255) void]_[* LaunchWebBrowser]([@(0.0.255) c onst]_[_^topic`:`/`/Core`/src`/String`$en`-us`#String`:`:class^ String][@(0.0.255) `& ]_[*@3 url])&]