OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/process_thread_policy.h" | 5 #include "sandbox/win/src/process_thread_policy.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
92 return false; | 92 return false; |
93 }; | 93 }; |
94 } | 94 } |
95 | 95 |
96 if (!process->AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) { | 96 if (!process->AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) { |
97 return false; | 97 return false; |
98 } | 98 } |
99 if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) { | 99 if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) { |
100 return false; | 100 return false; |
101 } | 101 } |
102 if (!policy->AddRule(IPC_CREATETHREAD_TAG, process.get())) { | |
103 return false; | |
104 } | |
liamjm (20p)
2016/02/02 20:43:45
cpu@: Can you comment on the suitability of adding
| |
102 return true; | 105 return true; |
103 } | 106 } |
104 | 107 |
105 NTSTATUS ProcessPolicy::OpenThreadAction(const ClientInfo& client_info, | 108 NTSTATUS ProcessPolicy::OpenThreadAction(const ClientInfo& client_info, |
106 uint32_t desired_access, | 109 uint32_t desired_access, |
107 uint32_t thread_id, | 110 uint32_t thread_id, |
108 HANDLE* handle) { | 111 HANDLE* handle) { |
109 *handle = NULL; | 112 *handle = NULL; |
110 | 113 |
111 NtOpenThreadFunction NtOpenThread = NULL; | 114 NtOpenThreadFunction NtOpenThread = NULL; |
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
231 BOOL should_give_full_access = (GIVE_ALLACCESS == eval_result); | 234 BOOL should_give_full_access = (GIVE_ALLACCESS == eval_result); |
232 if (!CreateProcessExWHelper(client_info.process, should_give_full_access, | 235 if (!CreateProcessExWHelper(client_info.process, should_give_full_access, |
233 app_name.c_str(), cmd_line.get(), NULL, NULL, | 236 app_name.c_str(), cmd_line.get(), NULL, NULL, |
234 FALSE, 0, NULL, NULL, &startup_info, | 237 FALSE, 0, NULL, NULL, &startup_info, |
235 process_info)) { | 238 process_info)) { |
236 return ERROR_ACCESS_DENIED; | 239 return ERROR_ACCESS_DENIED; |
237 } | 240 } |
238 return ERROR_SUCCESS; | 241 return ERROR_SUCCESS; |
239 } | 242 } |
240 | 243 |
244 DWORD ProcessPolicy::CreateThreadAction( | |
forshaw
2016/02/02 11:11:49
Is this only going to be used in test code or will
liamjm (20p)
2016/02/02 20:43:45
This is the intended mechanism for CreateThread in
| |
245 EvalResult eval_result, | |
246 const ClientInfo& client_info, | |
247 const SIZE_T stack_size, | |
248 const LPTHREAD_START_ROUTINE start_address, | |
249 const LPVOID parameter, | |
250 const DWORD creation_flags, | |
251 LPDWORD thread_id, | |
252 HANDLE* handle) { | |
253 // The only action supported is ASK_BROKER which means create the process. | |
forshaw
2016/02/02 11:11:49
nit: You mean thread not process?
liamjm (20p)
2016/02/02 20:43:45
Done.
| |
254 if (GIVE_ALLACCESS != eval_result && GIVE_READONLY != eval_result) { | |
255 return ERROR_ACCESS_DENIED; | |
256 } | |
257 HANDLE local_handle = | |
258 CreateRemoteThread(client_info.process, nullptr, stack_size, | |
259 start_address, parameter, creation_flags, thread_id); | |
260 if (!local_handle) { | |
261 return ::GetLastError(); | |
262 } | |
263 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, | |
264 client_info.process, handle, 0, FALSE, | |
Will Harris
2016/02/02 05:45:33
should this 0 be THREAD_ALL_ACCESS if eval_result
forshaw
2016/02/02 11:11:49
CreateRemoteThread should return a handle with THR
liamjm (20p)
2016/02/02 20:43:45
If DUPLCIATE_SAME_ACCESS is specified below, then
| |
265 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { | |
Will Harris
2016/02/02 05:45:33
I'm not sure this should be DUPLICATE_SAME_ACCESS
| |
266 return ERROR_ACCESS_DENIED; | |
267 } | |
268 return ERROR_SUCCESS; | |
269 } | |
270 | |
241 } // namespace sandbox | 271 } // namespace sandbox |
OLD | NEW |