Chromium Code Reviews

Unified Diff: sandbox/win/src/sandbox_policy.h

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix up casts Created 4 years, 10 months ago
Index: sandbox/win/src/sandbox_policy.h
diff --git a/sandbox/win/src/sandbox_policy.h b/sandbox/win/src/sandbox_policy.h
index 43b272b640e720cd3670fe8bc93b7c97ec797e0a..909066ff26cea92c7290a1fa0d10c1c5d3f7468d 100644
--- a/sandbox/win/src/sandbox_policy.h
+++ b/sandbox/win/src/sandbox_policy.h
@@ -48,17 +48,17 @@ class TargetPolicy {
// over the resulting process and thread handles.
// No other parameters besides the command line are
// passed to the child process.
- PROCESS_ALL_EXEC, // Allows the creation of a process and return fill
+ PROCESS_ALL_EXEC, // Allows the creation of a process and return full
// access on the returned handles.
// This flag can be used only when the main token of
// the sandboxed application is at least INTERACTIVE.
EVENTS_ALLOW_ANY, // Allows the creation of an event with full access.
- EVENTS_ALLOW_READONLY, // Allows opening an even with synchronize access.
- REG_ALLOW_READONLY, // Allows readonly access to a registry key.
- REG_ALLOW_ANY, // Allows read and write access to a registry key.
- FAKE_USER_GDI_INIT // Fakes user32 and gdi32 initialization. This can
- // be used to allow the DLLs to load and initialize
- // even if the process cannot access that subsystem.
+ EVENTS_ALLOW_READONLY, // Allows opening an even with synchronize access.
+ REG_ALLOW_READONLY, // Allows readonly access to a registry key.
+ REG_ALLOW_ANY, // Allows read and write access to a registry key.
+ FAKE_USER_GDI_INIT // Fakes user32 and gdi32 initialization. This can
+ // be used to allow the DLLs to load and initialize
+ // even if the process cannot access that subsystem.
};
// Increments the reference count of this object. The reference count must
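Review bot: the EVENTS_ALLOW_READONLY comment still reads "Allows opening an even with synchronize access" after being re-aligned; since this hunk already corrects "fill" to "full" on PROCESS_ALL_EXEC, change "even" to "event" in the same pass. The other removed and re-added lines (REG_ALLOW_READONLY, REG_ALLOW_ANY, FAKE_USER_GDI_INIT) carry the same text on both sides, so they appear to be alignment-only changes; mention that in the description so the churn in blame history is explained.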
@@ -209,6 +209,10 @@ class TargetPolicy {
// Returns the currently set delayed mitigation flags.
virtual MitigationFlags GetDelayedProcessMitigations() const = 0;
+ // Disconnect the target from CSRSS when TargetServices::LowerToken() is
+ // called inside the target.
+ virtual void SetDisconnectCsrss() = 0;
+
// Sets the interceptions to operate in strict mode. By default, interceptions
// are performed in "relaxed" mode, where if something inside NTDLL.DLL is
// already patched we attempt to intercept it anyway. Setting interceptions
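Review bot: the comment on SetDisconnectCsrss() says when the disconnect happens (on TargetServices::LowerToken() inside the target) but not what the embedder gives up by asking for it or when the setter has to be called. Document what stops working in the target once it is disconnected from CSRSS and whether the call must precede spawning the target. The method also returns void and takes no argument, so a caller cannot learn that the setting was not applied and cannot turn it back off; if either case can occur, state it in the comment or return a result.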