
Side by Side Diff: sandbox/win/src/sandbox_policy_base.cc

Issue 1263603002: Rework target process creation to minimize creation routes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Renamed token variables to reflect their lowbox status Created 5 years, 2 months ago
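--- a/sandbox/win/src/sandbox_policy_base.cc
+++ b/sandbox/win/src/sandbox_policy_base.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/sandbox_policy_base.h"
 
 #include <sddl.h>
 
 #include "base/basictypes.h"
 #include "base/callback.h"
@@ -535,21 +535,22 @@
 return SBOX_ERROR_GENERIC;
 
 *job = job_obj.Take();
 } else {
 *job = base::win::ScopedHandle();
 }
 return SBOX_ALL_OK;
 }
 
 ResultCode PolicyBase::MakeTokens(base::win::ScopedHandle* initial,
-base::win::ScopedHandle* lockdown) {
+base::win::ScopedHandle* lockdown,
+base::win::ScopedHandle* lowbox) {
 if (appcontainer_list_.get() && appcontainer_list_->HasAppContainer() &&
 lowbox_sid_) {
 return SBOX_ERROR_BAD_PARAMS;
 }
 
 // Create the 'naked' token. This will be the permanent token associated
 // with the process and therefore with any thread that is not impersonating.
 DWORD result = CreateRestrictedToken(lockdown_level_, integrity_level_,
 PRIMARY, lockdown);
 if (ERROR_SUCCESS != result)
@@ -606,21 +607,21 @@
 DWORD saved_handles_count = lowbox_directory_.IsValid() ? 1 : 0;
 
 NTSTATUS status = CreateLowBoxToken(&token_lowbox, lockdown->Get(),
 TOKEN_ALL_ACCESS, &obj_attr,
 lowbox_sid_, 0, NULL,
 saved_handles_count, saved_handles);
 if (!NT_SUCCESS(status))
 return SBOX_ERROR_GENERIC;
 
 DCHECK(token_lowbox);
-lockdown->Set(token_lowbox);
+lowbox->Set(token_lowbox);
 }
 
 // Create the 'better' token. We use this token as the one that the main
 // thread uses when booting up the process. It should contain most of
 // what we need (before reaching main( ))
 result = CreateRestrictedToken(initial_level_, integrity_level_,
 IMPERSONATION, initial);
 if (ERROR_SUCCESS != result)
 return SBOX_ERROR_GENERIC;
 
@@ -873,10 +874,10 @@
 break;
 }
 
 default: { return SBOX_ERROR_UNSUPPORTED; }
 }
 
 return SBOX_ALL_OK;
 }
 
 } // namespace sandbox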
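Review bot: The output contract of MakeTokens changes at new line 617 without any comment saying so: the lowbox token no longer replaces `lockdown`, and `lowbox` is written only inside the block that calls CreateLowBoxToken. The guard for that block sits in the skipped lines, so this is inferred, but on every other path `*lowbox` appears to be left as the caller passed it. A caller that still builds the target from `lockdown` alone would then run it with the restricted token but without the lowbox restrictions, and would get SBOX_ALL_OK back. I would document this at the definition, for example `// |lowbox| is set only when a lowbox token was created; otherwise it is left unchanged, so callers must check lowbox->IsValid().`, and put `DCHECK(lowbox);` next to the existing `DCHECK(token_lowbox);` since the new pointer is dereferenced unconditionally there. The body of MakeTokens continues through lines the page skips, so the early-return paths were not checked.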