OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
103 // Adds the policy rules for the path and path\ with the semantic |access|. | 103 // Adds the policy rules for the path and path\ with the semantic |access|. |
104 // If |children| is set to true, we need to add the wildcard rules to also | 104 // If |children| is set to true, we need to add the wildcard rules to also |
105 // apply the rule to the subfiles and subfolders. | 105 // apply the rule to the subfiles and subfolders. |
106 bool AddDirectory(int path, const wchar_t* sub_dir, bool children, | 106 bool AddDirectory(int path, const wchar_t* sub_dir, bool children, |
107 sandbox::TargetPolicy::Semantics access, | 107 sandbox::TargetPolicy::Semantics access, |
108 sandbox::TargetPolicy* policy) { | 108 sandbox::TargetPolicy* policy) { |
109 base::FilePath directory; | 109 base::FilePath directory; |
110 if (!PathService::Get(path, &directory)) | 110 if (!PathService::Get(path, &directory)) |
111 return false; | 111 return false; |
112 | 112 |
113 if (sub_dir) { | 113 if (sub_dir) |
114 directory = directory.Append(sub_dir); | 114 directory = base::MakeAbsoluteFilePath(directory.Append(sub_dir)); |
115 file_util::AbsolutePath(&directory); | |
116 } | |
117 | 115 |
118 sandbox::ResultCode result; | 116 sandbox::ResultCode result; |
119 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, access, | 117 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, access, |
120 directory.value().c_str()); | 118 directory.value().c_str()); |
121 if (result != sandbox::SBOX_ALL_OK) | 119 if (result != sandbox::SBOX_ALL_OK) |
122 return false; | 120 return false; |
123 | 121 |
124 std::wstring directory_str = directory.value() + L"\\"; | 122 std::wstring directory_str = directory.value() + L"\\"; |
125 if (children) | 123 if (children) |
126 directory_str += L"*"; | 124 directory_str += L"*"; |
(...skipping 588 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
715 } | 713 } |
716 | 714 |
717 return false; | 715 return false; |
718 } | 716 } |
719 | 717 |
720 bool BrokerAddTargetPeer(HANDLE peer_process) { | 718 bool BrokerAddTargetPeer(HANDLE peer_process) { |
721 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 719 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
722 } | 720 } |
723 | 721 |
724 } // namespace content | 722 } // namespace content |
OLD | NEW |