OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
114 // Adds the policy rules for the path and path\ with the semantic |access|. | 114 // Adds the policy rules for the path and path\ with the semantic |access|. |
115 // If |children| is set to true, we need to add the wildcard rules to also | 115 // If |children| is set to true, we need to add the wildcard rules to also |
116 // apply the rule to the subfiles and subfolders. | 116 // apply the rule to the subfiles and subfolders. |
117 bool AddDirectory(int path, const wchar_t* sub_dir, bool children, | 117 bool AddDirectory(int path, const wchar_t* sub_dir, bool children, |
118 sandbox::TargetPolicy::Semantics access, | 118 sandbox::TargetPolicy::Semantics access, |
119 sandbox::TargetPolicy* policy) { | 119 sandbox::TargetPolicy* policy) { |
120 base::FilePath directory; | 120 base::FilePath directory; |
121 if (!PathService::Get(path, &directory)) | 121 if (!PathService::Get(path, &directory)) |
122 return false; | 122 return false; |
123 | 123 |
124 if (sub_dir) { | 124 if (sub_dir) |
125 directory = directory.Append(sub_dir); | 125 directory = directory.Append(sub_dir).AsAbsolute(); |
126 file_util::AbsolutePath(&directory); | |
127 } | |
128 | 126 |
129 sandbox::ResultCode result; | 127 sandbox::ResultCode result; |
130 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, access, | 128 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, access, |
131 directory.value().c_str()); | 129 directory.value().c_str()); |
132 if (result != sandbox::SBOX_ALL_OK) | 130 if (result != sandbox::SBOX_ALL_OK) |
133 return false; | 131 return false; |
134 | 132 |
135 std::wstring directory_str = directory.value() + L"\\"; | 133 std::wstring directory_str = directory.value() + L"\\"; |
136 if (children) | 134 if (children) |
137 directory_str += L"*"; | 135 directory_str += L"*"; |
(...skipping 588 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
726 } | 724 } |
727 | 725 |
728 return false; | 726 return false; |
729 } | 727 } |
730 | 728 |
731 bool BrokerAddTargetPeer(HANDLE peer_process) { | 729 bool BrokerAddTargetPeer(HANDLE peer_process) { |
732 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 730 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
733 } | 731 } |
734 | 732 |
735 } // namespace content | 733 } // namespace content |
OLD | NEW |