
Unified Diff: sandbox/win/src/restricted_token.cc

Issue 1240793004: Revert of Sandbox: Make CreateRestrictedToken return a ScopedHandle. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Index: sandbox/win/src/restricted_token.cc
diff --git a/sandbox/win/src/restricted_token.cc b/sandbox/win/src/restricted_token.cc
index 7fadb2bba61dad4782eb643d3ecef0019f457230..d94ca06ef65902841e74f3288e3a17809464bf1c 100644
--- a/sandbox/win/src/restricted_token.cc
+++ b/sandbox/win/src/restricted_token.cc
@@ -53,8 +53,7 @@
return ERROR_SUCCESS;
}
-unsigned RestrictedToken::GetRestrictedToken(
- base::win::ScopedHandle* token) const {
+unsigned RestrictedToken::GetRestrictedTokenHandle(HANDLE *token_handle) const {
DCHECK(init_);
if (!init_)
return ERROR_NO_TOKEN;
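Review bot: The new signature writes the out-parameter as `HANDLE *token_handle`, whereas the removed line bound the `*` to the type (`base::win::ScopedHandle* token`); `HANDLE* token_handle` would match, and the same applies to `GetRestrictedTokenHandleForImpersonation` further down. With the `ScopedHandle` gone, ownership of the returned handle is no longer expressed by the type, so a comment above the definition would help, for example `// On success the caller owns *token_handle and must ::CloseHandle() it; on failure its value must not be used.` The function body continues outside this hunk.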
@@ -96,7 +95,7 @@
}
BOOL result = TRUE;
- HANDLE new_token_handle = NULL;
+ HANDLE new_token = NULL;
// The SANDBOX_INERT flag did nothing in XP and it was just a way to tell
// if a token has ben restricted given the limiations of IsTokenRestricted()
// but it appears that in Windows 7 it hints the AppLocker subsystem to
@@ -110,14 +109,14 @@
privileges_to_disable_array,
static_cast<DWORD>(restrict_size),
sids_to_restrict_array,
- &new_token_handle);
+ &new_token);
} else {
// Duplicate the token even if it's not modified at this point
// because any subsequent changes to this token would also affect the
// current process.
result = ::DuplicateTokenEx(effective_token_, TOKEN_ALL_ACCESS, NULL,
SecurityIdentification, TokenPrimary,
- &new_token_handle);
+ &new_token);
}
if (deny_only_array)
@@ -132,59 +131,68 @@
if (!result)
return ::GetLastError();
- base::win::ScopedHandle new_token(new_token_handle);
-
// Modify the default dacl on the token to contain Restricted and the user.
- if (!AddSidToDefaultDacl(new_token.Get(), WinRestrictedCodeSid, GENERIC_ALL))
- return ::GetLastError();
-
- if (!AddUserSidToDefaultDacl(new_token.Get(), GENERIC_ALL))
- return ::GetLastError();
-
- DWORD error = SetTokenIntegrityLevel(new_token.Get(), integrity_level_);
+ if (!AddSidToDefaultDacl(new_token, WinRestrictedCodeSid, GENERIC_ALL))
+ return ::GetLastError();
+
+ if (!AddUserSidToDefaultDacl(new_token, GENERIC_ALL))
+ return ::GetLastError();
+
+ DWORD error = SetTokenIntegrityLevel(new_token, integrity_level_);
if (ERROR_SUCCESS != error)
return error;
- HANDLE token_handle;
- if (!::DuplicateHandle(::GetCurrentProcess(), new_token.Get(),
- ::GetCurrentProcess(), &token_handle,
- TOKEN_ALL_ACCESS, FALSE, // Don't inherit.
- 0)) {
- return ::GetLastError();
- }
-
- token->Set(token_handle);
- return ERROR_SUCCESS;
-}
-
-unsigned RestrictedToken::GetRestrictedTokenForImpersonation(
- base::win::ScopedHandle* token) const {
- DCHECK(init_);
- if (!init_)
- return ERROR_NO_TOKEN;
-
- base::win::ScopedHandle restricted_token;
- unsigned err_code = GetRestrictedToken(&restricted_token);
+ BOOL status = ::DuplicateHandle(::GetCurrentProcess(),
+ new_token,
+ ::GetCurrentProcess(),
+ token_handle,
+ TOKEN_ALL_ACCESS,
+ FALSE, // Don't inherit.
+ 0);
+
+ if (new_token != effective_token_)
+ ::CloseHandle(new_token);
+
+ if (!status)
+ return ::GetLastError();
+
+ return ERROR_SUCCESS;
+}
+
+unsigned RestrictedToken::GetRestrictedTokenHandleForImpersonation(
+ HANDLE *token_handle) const {
+ DCHECK(init_);
+ if (!init_)
+ return ERROR_NO_TOKEN;
+
+ HANDLE restricted_token_handle;
+ unsigned err_code = GetRestrictedTokenHandle(&restricted_token_handle);
if (ERROR_SUCCESS != err_code)
return err_code;
- HANDLE impersonation_token_handle;
- if (!::DuplicateToken(restricted_token.Get(),
+ HANDLE impersonation_token;
+ if (!::DuplicateToken(restricted_token_handle,
SecurityImpersonation,
- &impersonation_token_handle)) {
- return ::GetLastError();
- }
- base::win::ScopedHandle impersonation_token(impersonation_token_handle);
-
- HANDLE token_handle;
- if (!::DuplicateHandle(::GetCurrentProcess(), impersonation_token.Get(),
- ::GetCurrentProcess(), &token_handle,
- TOKEN_ALL_ACCESS, FALSE, // Don't inherit.
- 0)) {
- return ::GetLastError();
- }
-
- token->Set(token_handle);
+ &impersonation_token)) {
+ ::CloseHandle(restricted_token_handle);
+ return ::GetLastError();
+ }
+
+ ::CloseHandle(restricted_token_handle);
+
+ BOOL status = ::DuplicateHandle(::GetCurrentProcess(),
+ impersonation_token,
+ ::GetCurrentProcess(),
+ token_handle,
+ TOKEN_ALL_ACCESS,
+ FALSE, // Don't inherit.
+ 0);
+
+ ::CloseHandle(impersonation_token);
+
+ if (!status)
+ return ::GetLastError();
+
return ERROR_SUCCESS;
}
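Review bot: The three early returns taken after `new_token` has been created (the `AddSidToDefaultDacl`, `AddUserSidToDefaultDacl` and `SetTokenIntegrityLevel` failure paths) leave `new_token` open, because the raw `HANDLE` has no `ScopedHandle` to close it on those paths. Separately, `::CloseHandle()` now runs before `::GetLastError()` on the `DuplicateHandle` failure path here and on the `DuplicateToken` and `DuplicateHandle` failure paths in `GetRestrictedTokenHandleForImpersonation`, so the code returned may not be the one set by the failed call; capture the error before closing. The `new_token != effective_token_` test looks always true, since both branches visible above fill `new_token` through an API out-parameter, so the sketch closes unconditionally; confirm that against the part of the function outside this hunk. `GetRestrictedTokenHandle` begins outside this hunk; the impersonation function needs the same capture-then-close ordering.
```cpp
  // Modify the default dacl on the token to contain Restricted and the user.
  if (!AddSidToDefaultDacl(new_token, WinRestrictedCodeSid, GENERIC_ALL)) {
    DWORD last_error = ::GetLastError();
    ::CloseHandle(new_token);
    return last_error;
  }

  if (!AddUserSidToDefaultDacl(new_token, GENERIC_ALL)) {
    DWORD last_error = ::GetLastError();
    ::CloseHandle(new_token);
    return last_error;
  }

  DWORD error = SetTokenIntegrityLevel(new_token, integrity_level_);
  if (ERROR_SUCCESS != error) {
    ::CloseHandle(new_token);
    return error;
  }

  // … unchanged: BOOL status = ::DuplicateHandle(...) into token_handle …

  // Read the error before CloseHandle() has a chance to replace it.
  DWORD duplicate_error = status ? ERROR_SUCCESS : ::GetLastError();
  ::CloseHandle(new_token);
  return duplicate_error;
```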