| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/sandbox_policy.h" | 5 #include "chrome/common/sandbox_policy.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "app/win_util.h" | 9 #include "app/win_util.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 299 | 299 |
| 300 return true; | 300 return true; |
| 301 } | 301 } |
| 302 | 302 |
| 303 // Creates a sandbox for the built-in flash plugin running in a restricted | 303 // Creates a sandbox for the built-in flash plugin running in a restricted |
| 304 // environment. This is a work in progress and for the time being do not | 304 // environment. This is a work in progress and for the time being do not |
| 305 // pay attention to the duplication between this function and the above | 305 // pay attention to the duplication between this function and the above |
| 306 // function. For more information see bug 50796. | 306 // function. For more information see bug 50796. |
| 307 bool ApplyPolicyForBuiltInFlashPlugin(sandbox::TargetPolicy* policy) { | 307 bool ApplyPolicyForBuiltInFlashPlugin(sandbox::TargetPolicy* policy) { |
| 308 // TODO(cpu): Lock down the job level more. | 308 // TODO(cpu): Lock down the job level more. |
| 309 policy->SetJobLevel(sandbox::JOB_INTERACTIVE, 0); | 309 policy->SetJobLevel(sandbox::JOB_UNPROTECTED, 0); |
| 310 | 310 |
| 311 sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED; | 311 sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED; |
| 312 if (win_util::GetWinVersion() > win_util::WINVERSION_XP) | 312 if (win_util::GetWinVersion() > win_util::WINVERSION_XP) |
| 313 initial_token = sandbox::USER_RESTRICTED_SAME_ACCESS; | 313 initial_token = sandbox::USER_RESTRICTED_SAME_ACCESS; |
| 314 policy->SetTokenLevel(initial_token, sandbox::USER_LIMITED); | 314 policy->SetTokenLevel(initial_token, sandbox::USER_LIMITED); |
| 315 | 315 |
| 316 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); | 316 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); |
| 317 | 317 |
| 318 // TODO(cpu): Proxy registry access and remove this policies. | 318 // TODO(cpu): Proxy registry access and remove these policies. |
| 319 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\ADOBE", | 319 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\ADOBE", |
| 320 sandbox::TargetPolicy::REG_ALLOW_ANY, | 320 sandbox::TargetPolicy::REG_ALLOW_ANY, |
| 321 policy)) | 321 policy)) |
| 322 return false; | 322 return false; |
| 323 | 323 |
| 324 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\MACROMEDIA", | 324 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\MACROMEDIA", |
| 325 sandbox::TargetPolicy::REG_ALLOW_ANY, | 325 sandbox::TargetPolicy::REG_ALLOW_ANY, |
| 326 policy)) | 326 policy)) |
| 327 return false; | 327 return false; |
| 328 | 328 |
| 329 if (win_util::GetWinVersion() >= win_util::WINVERSION_VISTA) { | 329 // Use a different data folder for flash data. This needs to be |
| 330 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\AppDataLow", | 330 // reverted once we stop the experiments. |
| 331 sandbox::TargetPolicy::REG_ALLOW_ANY, | 331 FilePath flash_path; |
| 332 policy)) | 332 PathService::Get(chrome::DIR_USER_DATA, &flash_path); |
| 333 return false; | 333 flash_path = flash_path.AppendASCII("swflash"); |
| 334 } | 334 ::SetEnvironmentVariableW(L"CHROME_FLASH_ROOT", |
| 335 | 335 flash_path.ToWStringHack().c_str()); |
| 336 return true; | 336 return true; |
| 337 } | 337 } |
| 338 | 338 |
| 339 // Adds the custom policy rules for a given plugin. |trusted_plugins| contains | 339 // Adds the custom policy rules for a given plugin. |trusted_plugins| contains |
| 340 // the comma separate list of plugin dll names that should not be sandboxed. | 340 // the comma separate list of plugin dll names that should not be sandboxed. |
| 341 bool AddPolicyForPlugin(const CommandLine* cmd_line, | 341 bool AddPolicyForPlugin(const CommandLine* cmd_line, |
| 342 sandbox::TargetPolicy* policy) { | 342 sandbox::TargetPolicy* policy) { |
| 343 std::wstring plugin_dll = cmd_line-> | 343 std::wstring plugin_dll = cmd_line-> |
| 344 GetSwitchValueNative(switches::kPluginPath); | 344 GetSwitchValueNative(switches::kPluginPath); |
| 345 std::wstring trusted_plugins = CommandLine::ForCurrentProcess()-> | 345 std::wstring trusted_plugins = CommandLine::ForCurrentProcess()-> |
| 544 | 544 |
| 545 // Help the process a little. It can't start the debugger by itself if | 545 // Help the process a little. It can't start the debugger by itself if |
| 546 // the process is in a sandbox. | 546 // the process is in a sandbox. |
| 547 if (child_needs_help) | 547 if (child_needs_help) |
| 548 DebugUtil::SpawnDebuggerOnProcess(target.dwProcessId); | 548 DebugUtil::SpawnDebuggerOnProcess(target.dwProcessId); |
| 549 | 549 |
| 550 return process; | 550 return process; |
| 551 } | 551 } |
| 552 | 552 |
| 553 } // namespace sandbox | 553 } // namespace sandbox |
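Review bot: The `PathService::Get(chrome::DIR_USER_DATA, &flash_path)` call on new line 332 of ApplyPolicyForBuiltInFlashPlugin discards its return value, so if the lookup fails `flash_path` stays empty and CHROME_FLASH_ROOT ends up as the bare relative name `swflash`, which the plugin would presumably resolve against whatever its working directory happens to be; since the function already returns false when the registry rules above it cannot be added, the same should apply here: `if (!PathService::Get(chrome::DIR_USER_DATA, &flash_path))` / `return false;`. The `::SetEnvironmentVariableW` result on line 334 is likewise unchecked and deserves the same treatment. Two other changes in this hunk are silent and would be clearer with a comment: the job level on line 309 is loosened from JOB_INTERACTIVE to JOB_UNPROTECTED while the TODO directly above still asks to lock it down further, and the Vista-only AppDataLow registry rule is removed without the new comment saying that the CHROME_FLASH_ROOT data folder is meant to replace it — if both are part of the experiment, say so next to the `// Use a different data folder` comment. Setting the variable on the current process also means every child launched afterwards inherits it, not only the flash plugin process; that looks acceptable for the duration of the experiment but is worth stating in the same comment.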