Correct way to run apps from Application List with required user permissions ?

[ivanmara555]

Hello! I am using sunshine on my windows 10 host installed with defaut installer "sunshine-windows.exe". Installer create sunshinesvc service running with NT AUTHORITY\SYSTEM permissions.

On shunshine windows host i have restricted user account in regular users group (not Administrators) where my desktop apps and some games. When I need, i can switch to Administrator account or make "Run As Administartor". But always work as regular user.

Using moonlight client i can connect to sunshine windows host using default “Desktop” shortcut is hardcoded into sunshine. After connection i manually launch game from windows desktop shortcuts and game starting with correct regular user currently loggoned .

In sunshine web panel in Applications i create test game shortcut "Prodeus" with standart options like this:

Application Name: Prodeus
Command: D:\data\games\Prodeus\Prodeus.exe -gogEnabled
Working Directory: D:\data\games\Prodeus
Image: d:\data\games\Prodeus\prodeus.png

After running test game shortcut "Prodeus" i found that game starts with NT AUTHORITY\SYSTEM user !!!
Accordingly, all my settings and saves are unavailable, like you start game first time. Home folder for NT AUTHORITY\SYSTEM user become: %WinDir%\system32\config\systemprofile !

I think it's wrong to play games with NT AUTHORITY\SYSTEM user account and store game settings in the system directory ... :)
And this is a big security problem.

My question is: How i can correctly run apps from Application List with the required user rights ?

p.s. Thanks for your working!

[ReenigneArcher]

Any command you run from sunshine will run with the same permissions of how sunshine is running.

Running sunshine as a service runs it as the SYSTEM user. From my understanding this is how all services are run. Running as admin will have similar results.

I have not tried this within sunshine, but you can try psexec to execute commands as another user.

[cgutman]

We should definitely be launching apps with active console user's token rather than our own SYSTEM token. Unfortunately, this means gutting the nice cross-platform Boost code.

There are a variety of ways to do this such as https://devblogs.microsoft.com/oldnewthing/20190425-00/?p=102443 (I think this should work because sunshinesvc.exe spawns sunshine.exe into the user session, so I believe GetShellWindow() will work).

Rather than passing the shell process as a parent as in Raymond Chen's example code, we could also duplicate the token from it (like sunshinesvc itself does) and use CreateProcessAsUserW().

[TheElixZammuto]

I tried the approach used by https://web.archive.org/web/20101009012531/http://blogs.msdn.com/b/winsdk/archive/2009/07/14/launching-an-interactive-process-from-windows-service-in-windows-vista-and-later.aspx (Method 1.A) and I can confirm it works with Sunshine, but I wasn't happy in how I built the feature and I scrapped it. I'm probably gonna try this again soon

[cgutman]

#600 will fix this when merged.

[LizardByte-bot]

This issue has been fixed and will be available in the next release.

[oliverw]

Is this supposed to be included/fixed in v0.18.4?

[ReenigneArcher]

It was v0.18.0 if I recall.