refactor: replace password-based sudo with pkexec for improved security

2025-12-26 20:50:30 +08:00 · 2025-04-13 00:19:00 +08:00 · 2025-04-13 00:19:00 +08:00 · b15fc6ce3a
commit b15fc6ce3a
parent fcb323a17a
6 changed files with 63 additions and 144 deletions
--- a/src/main/core/manager.ts
+++ b/src/main/core/manager.ts
@ -262,18 +262,22 @@ async function checkProfile(): Promise<void> {
  }
 }

-export async function manualGrantCorePermition(password?: string): Promise<void> {
+export async function manualGrantCorePermition(): Promise<void> {
  const { core = 'mihomo' } = await getAppConfig()
  const corePath = mihomoCorePath(core)
  const execPromise = promisify(exec)
+  const execFilePromise = promisify(execFile)
  if (process.platform === 'darwin') {
    const shell = `chown root:admin ${corePath.replace(' ', '\\\\ ')}\nchmod +sx ${corePath.replace(' ', '\\\\ ')}`
    const command = `do shell script "${shell}" with administrator privileges`
    await execPromise(`osascript -e '${command}'`)
  }
  if (process.platform === 'linux') {
-    await execPromise(`echo "${password}" | sudo -S chown root:root "${corePath}"`)
-    await execPromise(`echo "${password}" | sudo -S chmod +sx "${corePath}"`)
+    await execFilePromise('pkexec', [
+      'bash',
+      '-c',
+      `chown root:root "${corePath}" && chmod +sx "${corePath}"`
+    ])
  }
 }

--- a/src/main/resolve/server.ts
+++ b/src/main/resolve/server.ts
@ -1,12 +1,6 @@
 import { getAppConfig, getControledMihomoConfig } from '../config'
 import { Worker } from 'worker_threads'
-import {
-  dataDir,
-  mihomoWorkDir,
-  resourcesFilesDir,
-  subStoreDir,
-  substoreLogPath
-} from '../utils/dirs'
+import { mihomoWorkDir, resourcesFilesDir, subStoreDir, substoreLogPath } from '../utils/dirs'
 import subStoreIcon from '../../../resources/subStoreIcon.png?asset'
 import { createWriteStream, existsSync, mkdirSync } from 'fs'
 import { writeFile, rm, cp } from 'fs/promises'
@ -18,8 +12,9 @@ import express from 'express'
 import axios from 'axios'
 import AdmZip from 'adm-zip'
 import { promisify } from 'util'
-import { exec } from 'child_process'
+import { execFile } from 'child_process'
 import { platform } from 'os'
+import { is } from '@electron-toolkit/utils'

 export let pacPort: number
 export let subStorePort: number
@ -148,12 +143,12 @@ export async function stopSubStoreBackendServer(): Promise<void> {
  }
 }

-export async function downloadSubStore(password?: string): Promise<void> {
+export async function downloadSubStore(): Promise<void> {
  const { 'mixed-port': mixedPort = 7890 } = await getControledMihomoConfig()
  const frontendDir = path.join(resourcesFilesDir(), 'sub-store-frontend')
  const backendPath = path.join(resourcesFilesDir(), 'sub-store.bundle.js')
-  const tempDir = path.join(dataDir(), 'temp')
-  const execPromise = promisify(exec)
+  const tempDir = path.join(resourcesFilesDir(), 'temp')
+  const execFilePromise = promisify(execFile)

  try {
    // 创建临时目录
@ -195,25 +190,20 @@ export async function downloadSubStore(password?: string): Promise<void> {
    const zip = new AdmZip(Buffer.from(frontendRes.data))
    zip.extractAllTo(tempDir, true)

-    // 如果是 Linux 平台，使用 sudo cp 移动文件
-    if (platform() === 'linux') {
+    if (platform() === 'linux' && !is.dev) {
      try {
-        await execPromise(`echo "${password}" | sudo -S cp  "${tempBackendPath}" "${backendPath}"`)
-        // 确保目标目录存在并清空
-        if (existsSync(frontendDir)) {
-          await execPromise(`echo "${password}" | sudo -S rm -r "${frontendDir}"`)
-        }
-        await execPromise(`echo "${password}" | sudo -S mkdir "${frontendDir}"`)
-        // 将 dist 目录中的内容移动到目标目录
-        await execPromise(
-          `echo "${password}" | sudo -S cp -r "${tempFrontendDir}"/* "${frontendDir}/"`
-        )
+        const bashCmd = [
+          `cp "${tempBackendPath}" "${backendPath}"`,
+          `rm -rf "${frontendDir}"`,
+          `mkdir -p "${frontendDir}"`,
+          `cp -r "${tempFrontendDir}"/* "${frontendDir}/"`
+        ].join(' && ')
+        await execFilePromise('pkexec', ['bash', '-c', bashCmd])
      } catch (error) {
        console.error('substore.downloadFailed:', error)
        throw error
      }
    } else {
-      // 非 Linux 平台
      await cp(tempBackendPath, backendPath)
      if (existsSync(frontendDir)) {
        await rm(frontendDir, { recursive: true })
@ -221,8 +211,6 @@ export async function downloadSubStore(password?: string): Promise<void> {
      mkdirSync(frontendDir, { recursive: true })
      await cp(path.join(tempDir, 'dist'), frontendDir, { recursive: true })
    }
-
-    // 清理临时目录
    await rm(tempDir, { recursive: true })
  } catch (error) {
    console.error('substore.downloadFailed:', error)
--- a/src/main/utils/ipc.ts
+++ b/src/main/utils/ipc.ts
@ -174,9 +174,7 @@ export function registerIpcMainHandlers(): void {
  ipcMain.handle('restartCore', ipcErrorWrapper(restartCore))
  ipcMain.handle('startMonitor', (_e, detached) => ipcErrorWrapper(startMonitor)(detached))
  ipcMain.handle('triggerSysProxy', (_e, enable) => ipcErrorWrapper(triggerSysProxy)(enable))
-  ipcMain.handle('manualGrantCorePermition', (_e, password) =>
-    ipcErrorWrapper(manualGrantCorePermition)(password)
-  )
+  ipcMain.handle('manualGrantCorePermition', () => ipcErrorWrapper(manualGrantCorePermition)())
  ipcMain.handle('getFilePath', (_e, ext) => getFilePath(ext))
  ipcMain.handle('readTextFile', (_e, filePath) => ipcErrorWrapper(readTextFile)(filePath))
  ipcMain.handle('getRuntimeConfigStr', ipcErrorWrapper(getRuntimeConfigStr))
@ -203,7 +201,7 @@ export function registerIpcMainHandlers(): void {
  ipcMain.handle('stopSubStoreFrontendServer', () => ipcErrorWrapper(stopSubStoreFrontendServer)())
  ipcMain.handle('startSubStoreBackendServer', () => ipcErrorWrapper(startSubStoreBackendServer)())
  ipcMain.handle('stopSubStoreBackendServer', () => ipcErrorWrapper(stopSubStoreBackendServer)())
-  ipcMain.handle('downloadSubStore', (_e, password) => ipcErrorWrapper(downloadSubStore)(password))
+  ipcMain.handle('downloadSubStore', () => ipcErrorWrapper(downloadSubStore)())
  ipcMain.handle('subStorePort', () => subStorePort)
  ipcMain.handle('subStoreFrontendPort', () => subStoreFrontendPort)
  ipcMain.handle('subStoreSubs', () => ipcErrorWrapper(subStoreSubs)())
--- a/src/renderer/src/pages/substore.tsx
+++ b/src/renderer/src/pages/substore.tsx
@ -14,8 +14,6 @@ import React, { useEffect, useState } from 'react'
 import { HiExternalLink } from 'react-icons/hi'
 import { useTranslation } from 'react-i18next'
 import { IoMdCloudDownload } from 'react-icons/io'
-import BasePasswordModal from '@renderer/components/base/base-password-modal'
-import { platform } from '@renderer/utils/init'

 const SubStore: React.FC = () => {
  const { t } = useTranslation()
@ -24,7 +22,6 @@ const SubStore: React.FC = () => {
  const [backendPort, setBackendPort] = useState<number | undefined>()
  const [frontendPort, setFrontendPort] = useState<number | undefined>()
  const [isUpdating, setIsUpdating] = useState(false)
-  const [openPasswordModal, setOpenPasswordModal] = useState(false)
  const getPort = async (): Promise<void> => {
    setBackendPort(await subStorePort())
    setFrontendPort(await subStoreFrontendPort())
@ -37,33 +34,10 @@ const SubStore: React.FC = () => {
  if (!frontendPort) return null
  return (
    <>
-      {openPasswordModal && (
-        <BasePasswordModal
-          onCancel={() => setOpenPasswordModal(false)}
-          onConfirm={async (password: string) => {
-            try {
-              setOpenPasswordModal(false)
-              new Notification(t('substore.updating'))
-              await downloadSubStore(password)
-              await stopSubStoreBackendServer()
-              await startSubStoreBackendServer()
-              await new Promise((resolve) => setTimeout(resolve, 1000))
-              setFrontendPort(0)
-              await stopSubStoreFrontendServer()
-              await startSubStoreFrontendServer()
-              await getPort()
-              new Notification(t('substore.updateCompleted'))
-            } catch (e) {
-              alert(e)
-            }
-          }}
-        />
-      )}
      <BasePage
        title={t('substore.title')}
        header={
          <div className="flex gap-2">
-            {platform != 'linux' && (
            <Button
              title={t('substore.checkUpdate')}
              isIconOnly
@ -93,29 +67,7 @@ const SubStore: React.FC = () => {
            >
              <IoMdCloudDownload className="text-lg" />
            </Button>
-            )}
-            {platform === 'linux' && (
-              <Button
-                title={t('substore.checkUpdate')}
-                isIconOnly
-                size="sm"
-                className="app-nodrag"
-                variant="light"
-                isLoading={isUpdating}
-                onPress={async () => {
-                  try {
-                    setIsUpdating(true)
-                    setOpenPasswordModal(true)
-                  } catch (e) {
-                    new Notification(`${t('substore.updateFailed')}: ${e}`)
-                  } finally {
-                    setIsUpdating(false)
-                  }
-                }}
-              >
-                <IoMdCloudDownload className="text-lg" />
-              </Button>
-            )}
+
            <Button
              title={t('substore.openInBrowser')}
              isIconOnly
--- a/src/renderer/src/pages/tun.tsx
+++ b/src/renderer/src/pages/tun.tsx
@ -6,7 +6,6 @@ import { useControledMihomoConfig } from '@renderer/hooks/use-controled-mihomo-c
 import { manualGrantCorePermition, restartCore, setupFirewall } from '@renderer/utils/ipc'
 import { platform } from '@renderer/utils/init'
 import React, { Key, useState } from 'react'
-import BasePasswordModal from '@renderer/components/base/base-password-modal'
 import { useAppConfig } from '@renderer/hooks/use-app-config'
 import { MdDeleteForever } from 'react-icons/md'
 import { useTranslation } from 'react-i18next'
@ -18,7 +17,6 @@ const Tun: React.FC = () => {
  const { autoSetDNS = true } = appConfig || {}
  const { tun } = controledMihomoConfig || {}
  const [loading, setLoading] = useState(false)
-  const [openPasswordModal, setOpenPasswordModal] = useState(false)
  const {
    device = 'Mihomo',
    stack = 'mixed',
@ -71,21 +69,6 @@ const Tun: React.FC = () => {

  return (
    <>
-      {openPasswordModal && (
-        <BasePasswordModal
-          onCancel={() => setOpenPasswordModal(false)}
-          onConfirm={async (password: string) => {
-            try {
-              await manualGrantCorePermition(password)
-              new Notification(t('tun.notifications.coreAuthSuccess'))
-              await restartCore()
-              setOpenPasswordModal(false)
-            } catch (e) {
-              alert(e)
-            }
-          }}
-        />
-      )}
      <BasePage
        title={t('tun.title')}
        header={
@ -145,7 +128,6 @@ const Tun: React.FC = () => {
                size="sm"
                color="primary"
                onPress={async () => {
-                  if (platform === 'darwin') {
                  try {
                    await manualGrantCorePermition()
                    new Notification(t('tun.notifications.coreAuthSuccess'))
@ -153,9 +135,6 @@ const Tun: React.FC = () => {
                  } catch (e) {
                    alert(e)
                  }
-                  } else {
-                    setOpenPasswordModal(true)
-                  }
                }}
              >
                {t('tun.core.auth')}
--- a/src/renderer/src/utils/ipc.ts
+++ b/src/renderer/src/utils/ipc.ts
@ -207,10 +207,8 @@ export async function triggerSysProxy(enable: boolean): Promise<void> {
  return ipcErrorWrapper(await window.electron.ipcRenderer.invoke('triggerSysProxy', enable))
 }

-export async function manualGrantCorePermition(password?: string): Promise<void> {
-  return ipcErrorWrapper(
-    await window.electron.ipcRenderer.invoke('manualGrantCorePermition', password)
-  )
+export async function manualGrantCorePermition(): Promise<void> {
+  return ipcErrorWrapper(await window.electron.ipcRenderer.invoke('manualGrantCorePermition'))
 }

 export async function getFilePath(ext: string[]): Promise<string[] | undefined> {
@ -326,8 +324,8 @@ export async function startSubStoreBackendServer(): Promise<void> {
 export async function stopSubStoreBackendServer(): Promise<void> {
  return ipcErrorWrapper(await window.electron.ipcRenderer.invoke('stopSubStoreBackendServer'))
 }
-export async function downloadSubStore(password?: string): Promise<void> {
-  return ipcErrorWrapper(await window.electron.ipcRenderer.invoke('downloadSubStore', password))
+export async function downloadSubStore(): Promise<void> {
+  return ipcErrorWrapper(await window.electron.ipcRenderer.invoke('downloadSubStore'))
 }

 export async function subStorePort(): Promise<number> {