The launcher on Windows currently requests elevated privileges upon running the program.
It would be better user experience and more secure to only request elevated privileges for the operations that need it. A few examples:
When performing disk operations (using node’s fs module or fs-extra) in a protected folder (such as Program Files).
When downloading and extracting to a protected folder (such as Program Files).
When launching FreeSO and it’s installed in a protected folder (such as Program Files). FreeSO currently needs admin permissions if installed in a protected folder.
On macOS the launcher does not require elevation immediately, which is a better approach. It only requests elevated privileges when installing mono or SDL, so no changes would be necessary for macOS.
Need to figure out:
How to determine if a FS operation is going to be performed on a protected folder (or see if fs throws an error, catch that to request privileges and redo the operation).
Find a way to actually request elevation, node-windows package?
Update 1
The way to do this would be to use sudo-prompt (which is already being used on macOS for mono and SDL installations, it works for Windows too).
Code that requires admin privileges would need to be refactored to be able to be run "standalone", since sudo-prompt only works by executing command line scripts.
Two node.js command line script files would need to be created:
A node.js script to run an installer, if the user-selected installation folder is a protected folder like C:/Program Files
A node.js script for launching the game if it's located in a protected folder like C:/Program Files
Related code would need to be refactored to be able to be run as sudo_prompt.exec('node script.js <args>'), as standalone routines with input arguments and stdout logs reporting progress that will be handled in the main launcher application, and proper handling of error exit codes.
By default, the launcher will run without admin privileges and will use sudo-prompt to elevate in these two cases.
The FSOLauncher.ini config file location will also have to be changed to a non-admin-privileges location, like %APPDATA%. Currently, it is created wherever the launcher itself is installed, in the same folder. So if the launcher was installed in Program Files, it wouldn't be able to read the config file.
The launcher on Windows currently requests elevated privileges upon running the program.
It would be better user experience and more secure to only request elevated privileges for the operations that need it. A few examples:
fs
module orfs-extra
) in a protected folder (such as Program Files).On macOS the launcher does not require elevation immediately, which is a better approach. It only requests elevated privileges when installing mono or SDL, so no changes would be necessary for macOS.
Need to figure out:
fs
throws an error, catch that to request privileges and redo the operation).node-windows
package?Update 1 The way to do this would be to use
sudo-prompt
(which is already being used on macOS for mono and SDL installations, it works for Windows too). Code that requires admin privileges would need to be refactored to be able to be run "standalone", since sudo-prompt only works by executing command line scripts.Two node.js command line script files would need to be created:
Related code would need to be refactored to be able to be run as
sudo_prompt.exec('node script.js <args>')
, as standalone routines with input arguments and stdout logs reporting progress that will be handled in the main launcher application, and proper handling of error exit codes.By default, the launcher will run without admin privileges and will use sudo-prompt to elevate in these two cases.
The FSOLauncher.ini config file location will also have to be changed to a non-admin-privileges location, like %APPDATA%. Currently, it is created wherever the launcher itself is installed, in the same folder. So if the launcher was installed in Program Files, it wouldn't be able to read the config file.