From 0773585dfda745e11487ce2436e96e5861d0915d Mon Sep 17 00:00:00 2001
From: Bryan Roe <git.bryan.roe@techsavvydude.com>
Date: Sun, 18 Oct 2020 01:17:17 -0700
Subject: [PATCH] Disabled self-update if any of the following is true:

1. Agent running as service, but without admin rights
2. Agent running as console, in temporary mode
---
 meshcore/agentcore.c | 7 ++++++-
 meshcore/agentcore.h | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/meshcore/agentcore.c b/meshcore/agentcore.c
index 65b57c9..87b03ce 100644
--- a/meshcore/agentcore.c
+++ b/meshcore/agentcore.c
@@ -3671,7 +3671,7 @@ void MeshServer_Connect(MeshAgentHostContainer *agent)
 	gRemoteMouseRenderDefault = ILibSimpleDataStore_Get(agent->masterDb, "remoteMouseRender", NULL, 0);
 	ILibSimpleDataStore_ConfigCompact(agent->masterDb, ILibSimpleDataStore_GetInt(agent->masterDb, "compactDirtyMinimum", 0));
 	ILibSimpleDataStore_ConfigSizeLimit(agent->masterDb, ILibSimpleDataStore_GetInt(agent->masterDb, "dbWarningSizeThreshold", 0), MeshServer_DbWarning, agent);
-	agent->disableUpdate = ILibSimpleDataStore_Get(agent->masterDb, "disableUpdate", NULL, 0);
+	agent->disableUpdate = (agent->JSRunningAsService != 0 && agent->JSRunningWithAdmin == 0) | ILibSimpleDataStore_Get(agent->masterDb, "disableUpdate", NULL, 0) | (agent->JSRunningAsService == 0 && ((agent->capabilities & MeshCommand_AuthInfo_CapabilitiesMask_TEMPORARY) == MeshCommand_AuthInfo_CapabilitiesMask_TEMPORARY));
 	agent->forceUpdate = ILibSimpleDataStore_Get(agent->masterDb, "forceUpdate", NULL, 0);
 	agent->logUpdate = ILibSimpleDataStore_Get(agent->masterDb, "logUpdate", NULL, 0);
 	agent->fakeUpdate = ILibSimpleDataStore_Get(agent->masterDb, "fakeUpdate", NULL, 0);
@@ -4342,6 +4342,7 @@ int MeshAgent_AgentMode(MeshAgentHostContainer *agentHost, int paramLen, char **
 
 	agentHost->platformType = MeshAgent_Posix_PlatformTypes_UNKNOWN;
 	agentHost->JSRunningAsService = 0;
+	agentHost->JSRunningWithAdmin = 0;
 
 	if (duk_peval_string(tmpCtx, "(function foo() { var f = require('service-manager').manager.getServiceType(); switch(f){case 'procd': return(7); case 'windows': return(10); case 'launchd': return(3); case 'freebsd': return(5); case 'systemd': return(1); case 'init': return(2); case 'upstart': return(4); default: return(0);}})()") == 0)
 	{
@@ -4351,6 +4352,10 @@ int MeshAgent_AgentMode(MeshAgentHostContainer *agentHost, int paramLen, char **
 	{
 		agentHost->JSRunningAsService = duk_get_boolean(tmpCtx, -1);
 	}
+	if (duk_peval_string(tmpCtx, "require('user-sessions').isRoot();") == 0)
+	{
+		agentHost->JSRunningWithAdmin = duk_get_boolean(tmpCtx, -1);
+	}
 #endif
 #if !defined(MICROSTACK_NOTLS)
 
diff --git a/meshcore/agentcore.h b/meshcore/agentcore.h
index 99cff9d..636603c 100644
--- a/meshcore/agentcore.h
+++ b/meshcore/agentcore.h
@@ -236,6 +236,7 @@ typedef struct MeshAgentHostContainer
 	int dbRetryCount;
 	MeshAgent_Posix_PlatformTypes platformType;
 	int JSRunningAsService;
+	int JSRunningWithAdmin;
 #if defined(_WINSERVICE)
 	int runningAsConsole;
 #endif