Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(215)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/restricted_token_utils.h

Issue 1232963002: Sandbox: Make CreateRestrictedToken return a ScopedHandle. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/restricted_token_unittest.cc ('k') | sandbox/win/src/restricted_token_utils.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 5 #ifndef SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
6 #define SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 6 #define SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
7 7
8 #include <accctrl.h> 8 #include <accctrl.h>
9 #include <windows.h> 9 #include <windows.h>
10 10
11 #include "base/win/scoped_handle.h"
11 #include "sandbox/win/src/restricted_token.h" 12 #include "sandbox/win/src/restricted_token.h"
12 #include "sandbox/win/src/security_level.h" 13 #include "sandbox/win/src/security_level.h"
13 14
14 // Contains the utility functions to be able to create restricted tokens based 15 // Contains the utility functions to be able to create restricted tokens based
15 // on a security profiles. 16 // on a security profiles.
16 17
17 namespace sandbox { 18 namespace sandbox {
18 19
19 // The type of the token returned by the CreateNakedToken. 20 // The type of the token returned by the CreateNakedToken.
20 enum TokenType { 21 enum TokenType {
21 IMPERSONATION = 0, 22 IMPERSONATION = 0,
22 PRIMARY 23 PRIMARY
23 }; 24 };
24 25
25 // Creates a restricted token based on the effective token of the current 26 // Creates a restricted token based on the effective token of the current
26 // process. The parameter security_level determines how much the token is 27 // process. The parameter security_level determines how much the token is
27 // restricted. The token_type determines if the token will be used as a primary 28 // restricted. The token_type determines if the token will be used as a primary
28 // token or impersonation token. The integrity level of the token is set to 29 // token or impersonation token. The integrity level of the token is set to
29 // |integrity level| on Vista only. 30 // |integrity level| on Vista only.
30 // token_handle is the output value containing the handle of the 31 // token_handle is the output value containing the handle of the
Will Harris 2015/07/16 03:23:56 nit: update comment
rvargas (doing something else) 2015/07/16 18:30:07 done. I also reordered the arguments to make the o
31 // newly created restricted token. 32 // newly created restricted token.
32 // If the function succeeds, the return value is ERROR_SUCCESS. If the 33 // If the function succeeds, the return value is ERROR_SUCCESS. If the
33 // function fails, the return value is the win32 error code corresponding to 34 // function fails, the return value is the win32 error code corresponding to
34 // the error. 35 // the error.
35 DWORD CreateRestrictedToken(HANDLE *token_handle, 36 DWORD CreateRestrictedToken(base::win::ScopedHandle* token,
36 TokenLevel security_level, 37 TokenLevel security_level,
37 IntegrityLevel integrity_level, 38 IntegrityLevel integrity_level,
38 TokenType token_type); 39 TokenType token_type);
39 40
40 // Starts the process described by the input parameter command_line in a job 41 // Starts the process described by the input parameter command_line in a job
41 // with a restricted token. Also set the main thread of this newly created 42 // with a restricted token. Also set the main thread of this newly created
42 // process to impersonate a user with more rights so it can initialize 43 // process to impersonate a user with more rights so it can initialize
43 // correctly. 44 // correctly.
44 // 45 //
45 // Parameters: primary_level is the security level of the primary token. 46 // Parameters: primary_level is the security level of the primary token.
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
91 // Hardens the integrity level policy on the current process. This is only 92 // Hardens the integrity level policy on the current process. This is only
92 // valid on Win 7 and above. Specifically it sets the policy to block read 93 // valid on Win 7 and above. Specifically it sets the policy to block read
93 // and execute so that a lower privileged process cannot open the token for 94 // and execute so that a lower privileged process cannot open the token for
94 // impersonate or duplicate permissions. This should limit potential security 95 // impersonate or duplicate permissions. This should limit potential security
95 // holes. 96 // holes.
96 DWORD HardenProcessIntegrityLevelPolicy(); 97 DWORD HardenProcessIntegrityLevelPolicy();
97 98
98 } // namespace sandbox 99 } // namespace sandbox
99 100
100 #endif // SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 101 #endif // SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
OLDNEW
« no previous file with comments | « sandbox/win/src/restricted_token_unittest.cc ('k') | sandbox/win/src/restricted_token_utils.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698