Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: add experimental privileged helper#160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
ethanndickson merged 4 commits intomainfromethan/add-privileged-helper
May 19, 2025

Conversation

ethanndickson
Copy link
Member

@ethanndicksonethanndickson commentedMay 14, 2025
edited
Loading

Closes#135.
Closes#142.

This PR adds an optional privilegedLaunchDaemon capable of removing the quarantine flag on a downloaded.dylib without prompting the user to enter their password. This is most useful when the Coder deployment updates frequently.

image

The System Extension communicates directly with theLaunchDaemon, meaning a new.dylib can be downloaded and executed even if the app was closed, which was previously not possible.

I've tested this in a fresh 15.4 VM.

matifali reacted with hooray emoji
@ethanndicksonGraphite App
Copy link
MemberAuthor

ethanndickson commentedMay 14, 2025
edited
Loading

private var connection: NSXPCConnection?

func tryRemoveQuarantine(path: String) async -> Bool {
let conn = connect()
Copy link
MemberAuthor

@ethanndicksonethanndicksonMay 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

LaunchDaemons are ran on-demand. Just attempting to communicate with it over XPC is enough to get it to start (as the OS knows which daemons use which XPC services, defined in the .plist)

@@ -235,6 +247,7 @@ targets:
platform: macOS
sources:
- path: VPN
- path: Coder-DesktopHelper/HelperXPCProtocol.swift
Copy link
MemberAuthor

@ethanndicksonethanndicksonMay 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

The file with the XPC protocol is included in both targets, to avoid having it defined twice.

@ethanndicksonethanndickson marked this pull request as ready for reviewMay 14, 2025 05:10
Copy link

@CopilotCopilotAI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Pull Request Overview

This PR introduces an experimental privileged helper that removes the quarantine flag on downloaded dylibs without requiring a user password, streamlining frequent deployment updates. Key changes include updating build targets for the helper, integrating a new XPC listener and helper service for privileged operations, and enhancing the settings UI with an Experimental tab for managing the helper.

Reviewed Changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 1 comment.

Show a summary per file
FileDescription
Coder-Desktop/project.ymlAdds build phase configuration for the new helper daemon and target embedding.
Coder-Desktop/VPNLib/FileSync/FileSyncDaemon.swiftUpdates log message wording for clarity.
Coder-Desktop/VPN/main.swiftReplaces the old XPC listener delegate with the new AppXPCListener and integrates the helper XPC speaker.
Coder-Desktop/VPN/Manager.swiftIntroduces logic to first attempt using the privileged helper to remove quarantine.
Coder-Desktop/VPN/HelperXPCSpeaker.swiftImplements asynchronous XPC communication with the helper for removing quarantine.
Coder-Desktop/VPN/AppXPCListener.swiftIntroduces the new XPC listener implementation for the app.
Coder-Desktop/Coder-DesktopHelper/main.swiftImplements the launch daemon for privileged helper operations.
Coder-Desktop/Coder-Desktop/Views/Settings/*.swiftAdds and integrates a new Experimental tab and helper UI components.
Coder-Desktop/Coder-Desktop/HelperService.swiftImplements the helper state management and installation logic.
Coder-Desktop/Coder-Desktop/Coder_DesktopApp.swiftInjects the helper service into the app’s environment.
Comments suppressed due to low confidence (1)

Coder-Desktop/VPN/AppXPCListener.swift:30

  • The logger instance is not declared in this class; ensure a logger is defined or passed into the context before its usage.
logger.info("active connection dead")

Copy link
MemberAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

This is not new code, just copied frommain.swift in the system extension

.resolvingSymlinksInPath()

// *Must* be within the Coder Desktop System Extension sandbox
let requiredPrefix = ["/", "var", "root", "Library", "Containers",
Copy link
MemberAuthor

@ethanndicksonethanndicksonMay 15, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Any file created by the system extension will have this prefix, so I think it's fine to hardcode.
In case this was somehow exploited to unquarantine some other.dylib in the container:

  • macOS (dlopen) still won't load it unless it's signed by the same team as the app
  • The system extension validates the signature of the dylib before opening it


func isCoderDesktopDylib(at rawPath: String) -> Bool {
let url = URL(fileURLWithPath: rawPath)
.standardizedFileURL
Copy link
MemberAuthor

@ethanndicksonethanndicksonMay 15, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

We standardize the URL to prevent an attack that starts with the prefix but uses.. to navigate to a file outside of the sandbox container.

@ethanndicksonethanndicksonforce-pushed theethan/add-privileged-helper branch from5569302 to6014befCompareMay 16, 2025 05:41
@ethanndicksonGraphite App
Copy link
MemberAuthor

ethanndickson commentedMay 19, 2025
edited
Loading

Merge activity

  • May 19, 5:29 AM EDT: A user started a stack merge that includes this pull request viaGraphite.
  • May 19, 5:29 AM EDT:@ethanndickson merged this pull request withGraphite.

@ethanndicksonethanndickson merged commit48afa7a intomainMay 19, 2025
4 checks passed
@ethanndicksonethanndickson deleted the ethan/add-privileged-helper branchMay 19, 2025 09:29
@ethanndicksonethanndickson self-assigned thisMay 23, 2025
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

Copilot code reviewCopilotCopilot left review comments

@deansheatherdeansheatherdeansheather approved these changes

@spikecurtisspikecurtisAwaiting requested review from spikecurtis

Assignees

@ethanndicksonethanndickson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Permission was not granted to execute the CoderVPN dylib Add a privileged helper daemon to unquarantine the.dylib.
2 participants
@ethanndickson@deansheather
[8]ページ先頭
©2009-2025 Movatter.jp