Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(290)

Unified Diff: sandbox/win/src/restricted_token.h

Issue 1240793004: Revert of Sandbox: Make CreateRestrictedToken return a ScopedHandle. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | sandbox/win/src/restricted_token.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: sandbox/win/src/restricted_token.h
diff --git a/sandbox/win/src/restricted_token.h b/sandbox/win/src/restricted_token.h
index 1bfc364b63418dce6bb13b3b92537ea96fae9042..565880e7787d680b0e75880dc07713ec2a344de2 100644
--- a/sandbox/win/src/restricted_token.h
+++ b/sandbox/win/src/restricted_token.h
@@ -10,7 +10,6 @@
#include "base/basictypes.h"
#include "base/strings/string16.h"
-#include "base/win/scoped_handle.h"
#include "sandbox/win/src/restricted_token_utils.h"
#include "sandbox/win/src/security_level.h"
#include "sandbox/win/src/sid.h"
@@ -36,12 +35,13 @@
// }
//
// restricted_token.AddRestrictingSid(ATL::Sids::Users().GetPSID());
-// base::win::ScopedHandle token_handle;
-// err_code = restricted_token.GetRestrictedToken(&token_handle);
+// HANDLE token_handle;
+// err_code = restricted_token.GetRestrictedTokenHandle(&token_handle);
// if (ERROR_SUCCESS != err_code) {
// // handle error.
// }
// [...]
+// CloseHandle(token_handle);
class RestrictedToken {
public:
// Init() has to be called before calling any other method in the class.
@@ -53,22 +53,24 @@
// the effective token of the current process.
unsigned Init(HANDLE effective_token);
- // Creates a restricted token.
+ // Creates a restricted token and returns its handle using the token_handle
+ // output parameter. This handle has to be closed by the caller.
// If the function succeeds, the return value is ERROR_SUCCESS. If the
// function fails, the return value is the win32 error code corresponding to
// the error.
- unsigned GetRestrictedToken(base::win::ScopedHandle* token) const;
+ unsigned GetRestrictedTokenHandle(HANDLE *token_handle) const;
// Creates a restricted token and uses this new token to create a new token
- // for impersonation. Returns this impersonation token.
+ // for impersonation. Returns the handle of this impersonation token using
+ // the token_handle output parameter. This handle has to be closed by
+ // the caller.
//
// If the function succeeds, the return value is ERROR_SUCCESS. If the
// function fails, the return value is the win32 error code corresponding to
// the error.
//
- // The sample usage is the same as the GetRestrictedToken function.
- unsigned GetRestrictedTokenForImpersonation(
- base::win::ScopedHandle* token) const;
+ // The sample usage is the same as the GetRestrictedTokenHandle function.
+ unsigned GetRestrictedTokenHandleForImpersonation(HANDLE *token_handle) const;
// Lists all sids in the token and mark them as Deny Only except for those
// present in the exceptions parameter. If there is no exception needed,
« no previous file with comments | « no previous file | sandbox/win/src/restricted_token.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698