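--- a/chrome/common/sandbox_policy.cc
+++ b/chrome/common/sandbox_policy.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/sandbox_policy.h"
 
 #include <string>
 
 #include "app/win_util.h"
 #include "base/command_line.h"
@@ -299,47 +299,47 @@
 
 return true;
 }
 
 // Creates a sandbox for the built-in flash plugin running in a restricted
 // environment. This is a work in progress and for the time being do not
 // pay attention to the duplication between this function and the above
 // function. For more information see bug 50796.
 bool ApplyPolicyForBuiltInFlashPlugin(sandbox::TargetPolicy* policy) {
 // TODO(cpu): Lock down the job level more.
-policy->SetJobLevel(sandbox::JOB_INTERACTIVE, 0);
+policy->SetJobLevel(sandbox::JOB_UNPROTECTED, 0);
 
 sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED;
 if (win_util::GetWinVersion() > win_util::WINVERSION_XP)
 initial_token = sandbox::USER_RESTRICTED_SAME_ACCESS;
 policy->SetTokenLevel(initial_token, sandbox::USER_LIMITED);
 
 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
 
-// TODO(cpu): Proxy registry access and remove this policies.
+// TODO(cpu): Proxy registry access and remove these policies.
 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\ADOBE",
 sandbox::TargetPolicy::REG_ALLOW_ANY,
 policy))
 return false;
 
 if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\MACROMEDIA",
 sandbox::TargetPolicy::REG_ALLOW_ANY,
 policy))
 return false;
 
-if (win_util::GetWinVersion() >= win_util::WINVERSION_VISTA) {
-if (!AddKeyAndSubkeys(L"HKEY_CURRENT_USER\\SOFTWARE\\AppDataLow",
-sandbox::TargetPolicy::REG_ALLOW_ANY,
-policy))
-return false;
-}
-
+// Use a different data folder for flash data. This needs to be
+// reverted once we stop the experiments.
+FilePath flash_path;
+PathService::Get(chrome::DIR_USER_DATA, &flash_path);
+flash_path = flash_path.AppendASCII("swflash");
+::SetEnvironmentVariableW(L"CHROME_FLASH_ROOT",
+flash_path.ToWStringHack().c_str());
 return true;
 }
 
 // Adds the custom policy rules for a given plugin. |trusted_plugins| contains
 // the comma separate list of plugin dll names that should not be sandboxed.
 bool AddPolicyForPlugin(const CommandLine* cmd_line,
 sandbox::TargetPolicy* policy) {
 std::wstring plugin_dll = cmd_line->
 GetSwitchValueNative(switches::kPluginPath);
 std::wstring trusted_plugins = CommandLine::ForCurrentProcess()->
@@ -544,10 +544,10 @@
 
 // Help the process a little. It can't start the debugger by itself if
 // the process is in a sandbox.
 if (child_needs_help)
 DebugUtil::SpawnDebuggerOnProcess(target.dwProcessId);
 
 return process;
 }
 
 } // namespace sandbox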
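Review bot: The return value of `PathService::Get(chrome::DIR_USER_DATA, &flash_path)` on new line 332 is not checked, so if the lookup fails `flash_path` stays empty and CHROME_FLASH_ROOT ends up as the bare relative path `swflash`, resolved against whatever the current directory happens to be when the plugin uses it. Bail out of the policy instead: `if (!PathService::Get(chrome::DIR_USER_DATA, &flash_path)) return false;`. New line 309 also loosens the job from JOB_INTERACTIVE to JOB_UNPROTECTED while the comment directly above it still reads `// TODO(cpu): Lock down the job level more.`; the comment should say why the weaker level is needed now, presumably for the same experiment as the data-folder change below, e.g. `// TODO(cpu): Lock down the job level. JOB_UNPROTECTED is temporary for the flash experiment (bug 50796).`. Note too that `::SetEnvironmentVariableW` modifies the environment of the calling (browser) process, so unless the launcher builds a fresh environment block the variable is inherited by every child spawned afterwards, not only the flash plugin; if that is intended it deserves a comment, otherwise pass it through the launch environment.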