| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <aclapi.h> | 5 #include <aclapi.h> |
| 6 #include <sddl.h> | 6 #include <sddl.h> |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "sandbox/src/restricted_token_utils.h" | 9 #include "sandbox/src/restricted_token_utils.h" |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/scoped_handle_win.h" | 12 #include "base/scoped_handle_win.h" |
| 13 #include "base/win_util.h" | 13 #include "base/win/windows_version.h" |
| 14 #include "sandbox/src/job.h" | 14 #include "sandbox/src/job.h" |
| 15 #include "sandbox/src/restricted_token.h" | 15 #include "sandbox/src/restricted_token.h" |
| 16 #include "sandbox/src/security_level.h" | 16 #include "sandbox/src/security_level.h" |
| 17 #include "sandbox/src/sid.h" | 17 #include "sandbox/src/sid.h" |
| 18 | 18 |
| 19 namespace sandbox { | 19 namespace sandbox { |
| 20 | 20 |
| 21 DWORD CreateRestrictedToken(HANDLE *token_handle, | 21 DWORD CreateRestrictedToken(HANDLE *token_handle, |
| 22 TokenLevel security_level, | 22 TokenLevel security_level, |
| 23 IntegrityLevel integrity_level, | 23 IntegrityLevel integrity_level, |
| 78 privilege_exceptions.push_back(SE_CHANGE_NOTIFY_NAME); | 78 privilege_exceptions.push_back(SE_CHANGE_NOTIFY_NAME); |
| 79 restricted_token.AddRestrictingSid(WinBuiltinUsersSid); | 79 restricted_token.AddRestrictingSid(WinBuiltinUsersSid); |
| 80 restricted_token.AddRestrictingSid(WinWorldSid); | 80 restricted_token.AddRestrictingSid(WinWorldSid); |
| 81 restricted_token.AddRestrictingSid(WinRestrictedCodeSid); | 81 restricted_token.AddRestrictingSid(WinRestrictedCodeSid); |
| 82 | 82 |
| 83 // This token has to be able to create objects in BNO. | 83 // This token has to be able to create objects in BNO. |
| 84 // Unfortunately, on vista, it needs the current logon sid | 84 // Unfortunately, on vista, it needs the current logon sid |
| 85 // in the token to achieve this. You should also set the process to be | 85 // in the token to achieve this. You should also set the process to be |
| 86 // low integrity level so it can't access object created by other | 86 // low integrity level so it can't access object created by other |
| 87 // processes. | 87 // processes. |
| 88 if (win_util::GetWinVersion() >= win_util::WINVERSION_VISTA) { | 88 if (base::win::GetVersion() >= base::win::VERSION_VISTA) |
| 89 restricted_token.AddRestrictingSidLogonSession(); | 89 restricted_token.AddRestrictingSidLogonSession(); |
| 90 } | |
| 91 break; | 90 break; |
| 92 } | 91 } |
| 93 case USER_RESTRICTED: { | 92 case USER_RESTRICTED: { |
| 94 privilege_exceptions.push_back(SE_CHANGE_NOTIFY_NAME); | 93 privilege_exceptions.push_back(SE_CHANGE_NOTIFY_NAME); |
| 95 restricted_token.AddUserSidForDenyOnly(); | 94 restricted_token.AddUserSidForDenyOnly(); |
| 96 restricted_token.AddRestrictingSid(WinRestrictedCodeSid); | 95 restricted_token.AddRestrictingSid(WinRestrictedCodeSid); |
| 97 break; | 96 break; |
| 98 } | 97 } |
| 99 case USER_LOCKDOWN: { | 98 case USER_LOCKDOWN: { |
| 100 restricted_token.AddUserSidForDenyOnly(); | 99 restricted_token.AddUserSidForDenyOnly(); |
| 279 case INTEGRITY_LEVEL_BELOW_LOW: | 278 case INTEGRITY_LEVEL_BELOW_LOW: |
| 280 return L"S-1-16-2048"; | 279 return L"S-1-16-2048"; |
| 281 case INTEGRITY_LEVEL_LAST: | 280 case INTEGRITY_LEVEL_LAST: |
| 282 return NULL; | 281 return NULL; |
| 283 } | 282 } |
| 284 | 283 |
| 285 NOTREACHED(); | 284 NOTREACHED(); |
| 286 return NULL; | 285 return NULL; |
| 287 } | 286 } |
| 288 DWORD SetTokenIntegrityLevel(HANDLE token, IntegrityLevel integrity_level) { | 287 DWORD SetTokenIntegrityLevel(HANDLE token, IntegrityLevel integrity_level) { |
| 289 if (win_util::GetWinVersion() < win_util::WINVERSION_VISTA) | 288 if (base::win::GetVersion() < base::win::VERSION_VISTA) |
| 290 return ERROR_SUCCESS; | 289 return ERROR_SUCCESS; |
| 291 | 290 |
| 292 const wchar_t* integrity_level_str = GetIntegrityLevelString(integrity_level); | 291 const wchar_t* integrity_level_str = GetIntegrityLevelString(integrity_level); |
| 293 if (!integrity_level_str) { | 292 if (!integrity_level_str) { |
| 294 // No mandatory level specified, we don't change it. | 293 // No mandatory level specified, we don't change it. |
| 295 return ERROR_SUCCESS; | 294 return ERROR_SUCCESS; |
| 296 } | 295 } |
| 297 | 296 |
| 298 PSID integrity_sid = NULL; | 297 PSID integrity_sid = NULL; |
| 299 if (!::ConvertStringSidToSid(integrity_level_str, &integrity_sid)) | 298 if (!::ConvertStringSidToSid(integrity_level_str, &integrity_sid)) |
| 300 return ::GetLastError(); | 299 return ::GetLastError(); |
| 301 | 300 |
| 302 TOKEN_MANDATORY_LABEL label = {0}; | 301 TOKEN_MANDATORY_LABEL label = {0}; |
| 303 label.Label.Attributes = SE_GROUP_INTEGRITY; | 302 label.Label.Attributes = SE_GROUP_INTEGRITY; |
| 304 label.Label.Sid = integrity_sid; | 303 label.Label.Sid = integrity_sid; |
| 305 | 304 |
| 306 DWORD size = sizeof(TOKEN_MANDATORY_LABEL) + ::GetLengthSid(integrity_sid); | 305 DWORD size = sizeof(TOKEN_MANDATORY_LABEL) + ::GetLengthSid(integrity_sid); |
| 307 BOOL result = ::SetTokenInformation(token, TokenIntegrityLevel, &label, | 306 BOOL result = ::SetTokenInformation(token, TokenIntegrityLevel, &label, |
| 308 size); | 307 size); |
| 309 ::LocalFree(integrity_sid); | 308 ::LocalFree(integrity_sid); |
| 310 | 309 |
| 311 return result ? ERROR_SUCCESS : ::GetLastError(); | 310 return result ? ERROR_SUCCESS : ::GetLastError(); |
| 312 } | 311 } |
| 313 | 312 |
| 314 DWORD SetProcessIntegrityLevel(IntegrityLevel integrity_level) { | 313 DWORD SetProcessIntegrityLevel(IntegrityLevel integrity_level) { |
| 315 if (win_util::GetWinVersion() < win_util::WINVERSION_VISTA) | 314 if (base::win::GetVersion() < base::win::VERSION_VISTA) |
| 316 return ERROR_SUCCESS; | 315 return ERROR_SUCCESS; |
| 317 | 316 |
| 318 const wchar_t* integrity_level_str = GetIntegrityLevelString(integrity_level); | 317 const wchar_t* integrity_level_str = GetIntegrityLevelString(integrity_level); |
| 319 if (!integrity_level_str) { | 318 if (!integrity_level_str) { |
| 320 // No mandatory level specified, we don't change it. | 319 // No mandatory level specified, we don't change it. |
| 321 return ERROR_SUCCESS; | 320 return ERROR_SUCCESS; |
| 322 } | 321 } |
| 323 | 322 |
| 324 // Before we can change the token, we need to change the security label on the | 323 // Before we can change the token, we need to change the security label on the |
| 325 // process so it is still possible to open the process with the new token. | 324 // process so it is still possible to open the process with the new token. |
| 336 &token_handle)) | 335 &token_handle)) |
| 337 return ::GetLastError(); | 336 return ::GetLastError(); |
| 338 | 337 |
| 339 ScopedHandle token(token_handle); | 338 ScopedHandle token(token_handle); |
| 340 | 339 |
| 341 return SetTokenIntegrityLevel(token.Get(), integrity_level); | 340 return SetTokenIntegrityLevel(token.Get(), integrity_level); |
| 342 } | 341 } |
| 343 | 342 |
| 344 | 343 |
| 345 } // namespace sandbox | 344 } // namespace sandbox |
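Review bot: In SetTokenIntegrityLevel (new side, lines 306-310) the failure code of ::SetTokenInformation is read only after ::LocalFree(integrity_sid), and a successful LocalFree may change the thread's last-error value, so a failed attempt to apply the mandatory label can be reported under an unrelated code or even as ERROR_SUCCESS, letting a caller proceed with a token that never received its low-integrity label. Capture the code before freeing: `DWORD error = result ? ERROR_SUCCESS : ::GetLastError();` then `::LocalFree(integrity_sid);` then `return error;`. The earlier ConvertStringSidToSid check (lines 298-299) reads GetLastError immediately and is fine. SetProcessIntegrityLevel is partly collapsed in this view and GetIntegrityLevelString starts outside the section, so the same pattern could not be verified there.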