| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
| 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
| 7 | 7 |
| 8 #include <windows.h> | 8 #include <windows.h> |
| 9 | 9 |
| 10 #include <list> | 10 #include <list> |
| (...skipping 34 matching lines...) Loading... |
| 45 uint32 ui_exceptions) OVERRIDE; | 45 uint32 ui_exceptions) OVERRIDE; |
| 46 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE; | 46 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE; |
| 47 virtual string16 GetAlternateDesktop() const OVERRIDE; | 47 virtual string16 GetAlternateDesktop() const OVERRIDE; |
| 48 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE; | 48 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE; |
| 49 virtual void DestroyAlternateDesktop() OVERRIDE; | 49 virtual void DestroyAlternateDesktop() OVERRIDE; |
| 50 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE; | 50 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE; |
| 51 virtual ResultCode SetDelayedIntegrityLevel( | 51 virtual ResultCode SetDelayedIntegrityLevel( |
| 52 IntegrityLevel integrity_level) OVERRIDE; | 52 IntegrityLevel integrity_level) OVERRIDE; |
| 53 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE; | 53 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE; |
| 54 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE; | 54 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE; |
| 55 virtual ResultCode SetProcessMitigations(MitigationFlags flags) OVERRIDE; |
| 56 virtual MitigationFlags GetProcessMitigations() OVERRIDE; |
| 57 virtual ResultCode SetDelayedProcessMitigations( |
| 58 MitigationFlags flags) OVERRIDE; |
| 59 virtual MitigationFlags GetDelayedProcessMitigations() OVERRIDE; |
| 55 virtual void SetStrictInterceptions() OVERRIDE; | 60 virtual void SetStrictInterceptions() OVERRIDE; |
| 56 virtual ResultCode AddRule(SubSystem subsystem, Semantics semantics, | 61 virtual ResultCode AddRule(SubSystem subsystem, Semantics semantics, |
| 57 const wchar_t* pattern) OVERRIDE; | 62 const wchar_t* pattern) OVERRIDE; |
| 58 virtual ResultCode AddDllToUnload(const wchar_t* dll_name); | 63 virtual ResultCode AddDllToUnload(const wchar_t* dll_name); |
| 59 virtual ResultCode AddKernelObjectToClose(const char16* handle_type, | 64 virtual ResultCode AddKernelObjectToClose(const char16* handle_type, |
| 60 const char16* handle_name) OVERRIDE; | 65 const char16* handle_name) OVERRIDE; |
| 61 | 66 |
| 62 // Dispatcher: | 67 // Dispatcher: |
| 63 virtual Dispatcher* OnMessageReady(IPCParams* ipc, | 68 virtual Dispatcher* OnMessageReady(IPCParams* ipc, |
| 64 CallbackGeneric* callback) OVERRIDE; | 69 CallbackGeneric* callback) OVERRIDE; |
| (...skipping 48 matching lines...) Loading... |
| 113 TokenLevel initial_level_; | 118 TokenLevel initial_level_; |
| 114 JobLevel job_level_; | 119 JobLevel job_level_; |
| 115 uint32 ui_exceptions_; | 120 uint32 ui_exceptions_; |
| 116 bool use_alternate_desktop_; | 121 bool use_alternate_desktop_; |
| 117 bool use_alternate_winstation_; | 122 bool use_alternate_winstation_; |
| 118 // Helps the file system policy initialization. | 123 // Helps the file system policy initialization. |
| 119 bool file_system_init_; | 124 bool file_system_init_; |
| 120 bool relaxed_interceptions_; | 125 bool relaxed_interceptions_; |
| 121 IntegrityLevel integrity_level_; | 126 IntegrityLevel integrity_level_; |
| 122 IntegrityLevel delayed_integrity_level_; | 127 IntegrityLevel delayed_integrity_level_; |
| 128 MitigationFlags mitigations_; |
| 129 MitigationFlags delayed_mitigations_; |
| 123 // The array of objects that will answer IPC calls. | 130 // The array of objects that will answer IPC calls. |
| 124 Dispatcher* ipc_targets_[IPC_LAST_TAG]; | 131 Dispatcher* ipc_targets_[IPC_LAST_TAG]; |
| 125 // Object in charge of generating the low level policy. | 132 // Object in charge of generating the low level policy. |
| 126 LowLevelPolicy* policy_maker_; | 133 LowLevelPolicy* policy_maker_; |
| 127 // Memory structure that stores the low level policy. | 134 // Memory structure that stores the low level policy. |
| 128 PolicyGlobal* policy_; | 135 PolicyGlobal* policy_; |
| 129 // The list of dlls to unload in the target process. | 136 // The list of dlls to unload in the target process. |
| 130 std::vector<string16> blacklisted_dlls_; | 137 std::vector<string16> blacklisted_dlls_; |
| 131 // This is a map of handle-types to names that we need to close in the | 138 // This is a map of handle-types to names that we need to close in the |
| 132 // target process. A null set means we need to close all handles of the | 139 // target process. A null set means we need to close all handles of the |
| 133 // given type. | 140 // given type. |
| 134 HandleCloser handle_closer_; | 141 HandleCloser handle_closer_; |
| 135 std::vector<string16> capabilities_; | 142 std::vector<string16> capabilities_; |
| 136 scoped_ptr<AppContainerAttributes> appcontainer_list_; | 143 scoped_ptr<AppContainerAttributes> appcontainer_list_; |
| 137 | 144 |
| 138 static HDESK alternate_desktop_handle_; | 145 static HDESK alternate_desktop_handle_; |
| 139 static HWINSTA alternate_winstation_handle_; | 146 static HWINSTA alternate_winstation_handle_; |
| 140 | 147 |
| 141 DISALLOW_COPY_AND_ASSIGN(PolicyBase); | 148 DISALLOW_COPY_AND_ASSIGN(PolicyBase); |
| 142 }; | 149 }; |
| 143 | 150 |
| 144 } // namespace sandbox | 151 } // namespace sandbox |
| 145 | 152 |
| 146 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 153 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews