Index: sandbox/win/src/policy_broker.cc |
diff --git a/sandbox/win/src/policy_broker.cc b/sandbox/win/src/policy_broker.cc |
index e6c2b26c6a9a7776b53684f788b0fd1a5fb6ebeb..74a93f0953d672f540873f0e51ba64b91707599f 100644 |
--- a/sandbox/win/src/policy_broker.cc |
+++ b/sandbox/win/src/policy_broker.cc |
@@ -96,7 +96,8 @@ bool SetupNtdllImports(TargetProcess *child) { |
#undef INIT_GLOBAL_NT |
#undef INIT_GLOBAL_RTL |
-bool SetupBasicInterceptions(InterceptionManager* manager) { |
+bool SetupBasicInterceptions(InterceptionManager* manager, |
+ bool is_csrss_connected) { |
// Interceptions provided by process_thread_policy, without actual policy. |
if (!INTERCEPT_NT(manager, NtOpenThread, OPEN_THREAD_ID, 20) || |
!INTERCEPT_NT(manager, NtOpenProcess, OPEN_PROCESS_ID, 20) || |
@@ -116,8 +117,15 @@ bool SetupBasicInterceptions(InterceptionManager* manager) { |
20)) |
return false; |
- return INTERCEPT_NT(manager, NtOpenThreadTokenEx, OPEN_THREAD_TOKEN_EX_ID, |
- 24); |
+ if (!INTERCEPT_NT(manager, NtOpenThreadTokenEx, OPEN_THREAD_TOKEN_EX_ID, |
+ 24)) |
+ return false; |
+ } |
+ |
+ if (!is_csrss_connected) { |
+ if (!INTERCEPT_EAT(manager, kKerneldllName, CreateThread, CREATE_THREAD_ID, |
+ 28)) |
+ return false; |
} |
return true; |