From 5ee3e3f347edd32f32610151554f6a7d2e993ce2 Mon Sep 17 00:00:00 2001
From: rustdesk <info@rustdesk.com>
Date: Wed, 14 Dec 2022 00:51:43 +0800
Subject: [PATCH] fix Issue #1244

---
 src/platform/windows.rs | 10 ++++++----
 src/windows.cc          | 40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 4 deletions(-)

diff --git a/src/platform/windows.rs b/src/platform/windows.rs
index 075f7ed08..a2a99800f 100644
--- a/src/platform/windows.rs
+++ b/src/platform/windows.rs
@@ -439,6 +439,7 @@ extern "C" {
     fn win32_disable_lowlevel_keyboard(hwnd: HWND);
     fn win_stop_system_key_propagate(v: BOOL);
     fn is_win_down() -> BOOL;
+    fn is_local_system() -> BOOL;
 }
 
 extern "system" {
@@ -718,10 +719,10 @@ pub fn set_share_rdp(enable: bool) {
 }
 
 pub fn get_active_username() -> String {
-    let name = crate::username();
-    if name != "SYSTEM" {
-        return name;
+    if !is_root() {
+        return crate::username();
     }
+
     extern "C" {
         fn get_active_user(path: *mut u16, n: u32, rdp: BOOL) -> u32;
     }
@@ -757,7 +758,8 @@ pub fn is_prelogin() -> bool {
 }
 
 pub fn is_root() -> bool {
-    crate::username() == "SYSTEM"
+    // https://stackoverflow.com/questions/4023586/correct-way-to-find-out-if-a-service-is-running-as-the-system-user
+    unsafe { is_local_system() == TRUE }
 }
 
 pub fn lock_screen() {
diff --git a/src/windows.cc b/src/windows.cc
index dd3fa2e9e..137ae399e 100644
--- a/src/windows.cc
+++ b/src/windows.cc
@@ -588,4 +588,44 @@ extern "C"
         stop_system_key_propagate = v;
     }
 
+    // https://stackoverflow.com/questions/4023586/correct-way-to-find-out-if-a-service-is-running-as-the-system-user
+    BOOL is_local_system()
+    {
+        HANDLE hToken;
+        UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
+        PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
+        ULONG cbTokenUser;
+        SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
+        PSID pSystemSid;
+        BOOL bSystem;
+
+        // open process token
+        if (!OpenProcessToken(GetCurrentProcess(),
+                              TOKEN_QUERY,
+                              &hToken))
+            return FALSE;
+
+        // retrieve user SID
+        if (!GetTokenInformation(hToken, TokenUser, pTokenUser,
+                                 sizeof(bTokenUser), &cbTokenUser))
+        {
+            CloseHandle(hToken);
+            return FALSE;
+        }
+
+        CloseHandle(hToken);
+
+        // allocate LocalSystem well-known SID
+        if (!AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID,
+                                      0, 0, 0, 0, 0, 0, 0, &pSystemSid))
+            return FALSE;
+
+        // compare the user SID from the token with the LocalSystem SID
+        bSystem = EqualSid(pTokenUser->User.Sid, pSystemSid);
+
+        FreeSid(pSystemSid);
+
+        return bSystem;
+    }
+
 } // end of extern "C"
\ No newline at end of file