Pipes can be arranged like this, so that's fine. We also apply a strict,
non-inheritable SDDL that grants access only to the Local System account.
Developed-with: Odd Stranne <odd@mullvad.net>
func UAPIListen(name string) (net.Listener, error) {
config := winio.PipeConfig{
- SecurityDescriptor: "", //TODO: we want this to be a very locked down pipe.
+ SecurityDescriptor: "O:SYD:P(A;;GA;;;SY)", /* Local System only, not inheritable */
}
- listener, err := winio.ListenPipe("\\\\.\\pipe\\wireguard\\"+name, &config) //TODO: choose sane name.
+ listener, err := winio.ListenPipe("\\\\.\\pipe\\WireGuard\\"+name, &config)
if err != nil {
return nil, err
}