Merged
1 change: 1 addition & 0 deletions src/Cargo.toml
@@ -61,6 +61,7 @@ windows = { version = "0.62", features = [
"Win32_System_SystemInformation",
"Win32_System_Time",
"Win32_System_SystemServices",
"Win32_System_SystemInformation",
"Win32_System_JobObjects",
] }
windows-core = "0.62"
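Review bot: `"Win32_System_SystemInformation"` is listed twice in the `windows` feature array shown in this hunk, once before `"Win32_System_Time"` and again after `"Win32_System_SystemServices"`. The section reports zero deletions, so both entries are in the new manifest and one of them can be dropped; the rendering does not show which line this change added. A feature list without duplicates is easier to audit for the Win32 API surface the crate actually enables.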
19 changes: 17 additions & 2 deletions src/wxc/src/main.rs
@@ -151,8 +151,23 @@ fn print_error_envelope(error: &MxcError) {
}

fn delete_app_container_profile(name: &str, logger: &mut Logger) -> bool {

Member


delete_app_container_profile

Annoying the cleanup function isn't in the same file as the setup function (AC_runner.rs).

// Clear BFS policy first
let mut bfs = FileSystemBfsManager::new(name.to_string());
// Clear BFS policy first. We need an absolute path to `bfscfg.exe`
// here for the same security reason as the runner β€” pass an
// authoritative path to `CreateProcessW` rather than a bare name.
// If resolution fails (rare; only on hosts where
// `GetWindowsDirectoryW` itself returns 0), we log and skip the BFS
// clearing step; deleting the AppContainer profile below is still
// worth attempting.
let bfscfg_path = match wxc_common::fallback_detector::find_bfscfg_exe() {
Ok(p) => p,
Err(e) => {
logger.log_line(&format!(
"Skipping BFS policy clear: could not resolve bfscfg.exe ({e})"
));
None
}
};
let mut bfs = FileSystemBfsManager::new(name.to_string(), bfscfg_path);
bfs.remove_configuration(logger);

// Delete the AppContainer profile
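Review bot: The `Err` arm logs "Skipping BFS policy clear", but `bfs.remove_configuration(logger)` still runs afterwards on a manager built with `None`, so whether anything is skipped depends on how `FileSystemBfsManager` treats a missing path, which this hunk does not show. If that method can still launch `bfscfg.exe` by bare name when no path was supplied, the cleanup path keeps the search-order exposure the new comment says it removes. Making the skip explicit would keep the log line and the behaviour in agreement, e.g. `if let Some(path) = bfscfg_path { let mut bfs = FileSystemBfsManager::new(name.to_string(), Some(path)); bfs.remove_configuration(logger); }`. Note also that `Ok(p) => p` can yield `None` without any log line, so a host where the binary is simply absent leaves no trace of why the policy was not cleared. The body of `delete_app_container_profile` continues outside the hunk.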
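--- a/src/wxc_common/src/appcontainer_runner.rs
+++ b/src/wxc_common/src/appcontainer_runner.rs
@@ -599,7 +599,20 @@ impl ScriptRunner for AppContainerScriptRunner {
 let principal_id = self.get_principal_id();
 logger.log_line(&format!("AppContainerSID: {principal_id}"));
 
-let mut bfs_manager = FileSystemBfsManager::new(self.app_container_name.clone());
+// Resolve `bfscfg.exe` by absolute path so probe and execution
+// agree on the binary β€” defeats executable-search-order
+// hijacking (see `fallback_detector::find_bfscfg_exe`). On
+// hosts where SystemRoot itself cannot be resolved (a
+// pathological state on any healthy Windows install) we surface
+// the resolution error rather than silently demoting to a
+// weaker isolation tier.
+let bfscfg_path = match crate::fallback_detector::find_bfscfg_exe() {
+Ok(p) => p,
+Err(e) => return ScriptResponse::error(&e.to_string()),
+};
+
+let mut bfs_manager =
+FileSystemBfsManager::new(self.app_container_name.clone(), bfscfg_path);
 if let Err(e) = bfs_manager.configure(&request.policy, logger) {
 return ScriptResponse::error(&e.to_string());
 }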
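Review bot: Only the `Err` case is surfaced here; `Ok(p) => p` forwards whatever `find_bfscfg_exe` returned, and the `None` in the `main.rs` error arm of the same match shows that value is an `Option`, so a lookup that succeeds with `None` goes straight into `FileSystemBfsManager::new` and `configure`. The comment's promise not to silently drop to a weaker isolation tier therefore holds only if `configure` rejects a missing path, which is not visible in this hunk. Either state in the comment what `None` means at this call site, or fail closed with an explicit arm such as `Ok(None) => return ScriptResponse::error("bfscfg.exe not found"),` (message text constructed for illustration). The enclosing method starts and ends outside the hunk.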