Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(431)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/tests/validation_tests/suite.cc

Issue 1814863004: Cleanup/Remove Windows XP/Vista version checks from Windows sandbox code (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: revert disabled reparse point check Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/target_services.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains the validation tests for the sandbox. 5 // This file contains the validation tests for the sandbox.
6 // It includes the tests that need to be performed inside the 6 // It includes the tests that need to be performed inside the
7 // sandbox. 7 // sandbox.
8 8
9 #include <shlwapi.h> 9 #include <shlwapi.h>
10 #include <stddef.h> 10 #include <stddef.h>
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after
114 TestRunner runner; 114 TestRunner runner;
115 runner.GetPolicy()->SetAlternateDesktop(true); 115 runner.GetPolicy()->SetAlternateDesktop(true);
116 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); 116 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
117 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"OpenInteractiveDesktop NULL")); 117 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"OpenInteractiveDesktop NULL"));
118 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"SwitchToSboxDesktop NULL")); 118 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"SwitchToSboxDesktop NULL"));
119 } 119 }
120 120
121 // Tests that the permissions on the Windowstation does not allow the sandbox 121 // Tests that the permissions on the Windowstation does not allow the sandbox
122 // to get to the interactive desktop or to make the sbox desktop interactive. 122 // to get to the interactive desktop or to make the sbox desktop interactive.
123 TEST(ValidationSuite, TestAlternateDesktop) { 123 TEST(ValidationSuite, TestAlternateDesktop) {
124 base::win::Version version = base::win::GetVersion();
125 if (version < base::win::VERSION_WIN7)
126 return;
127 124
128 TestRunner runner; 125 TestRunner runner;
129 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"EnumAlternateWinsta NULL")); 126 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"EnumAlternateWinsta NULL"));
130 127
131 wchar_t command[1024] = {0}; 128 wchar_t command[1024] = {0};
132 runner.SetTimeout(3600000); 129 runner.SetTimeout(3600000);
133 runner.GetPolicy()->SetAlternateDesktop(true); 130 runner.GetPolicy()->SetAlternateDesktop(true);
134 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); 131 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
135 base::string16 desktop_name = runner.GetPolicy()->GetAlternateDesktop(); 132 base::string16 desktop_name = runner.GetPolicy()->GetAlternateDesktop();
136 desktop_name = desktop_name.substr(desktop_name.find('\\') + 1); 133 desktop_name = desktop_name.substr(desktop_name.find('\\') + 1);
(...skipping 23 matching lines...) Expand all
160 target.SetAsynchronous(true); 157 target.SetAsynchronous(true);
161 158
162 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"SleepCmd 30000")); 159 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"SleepCmd 30000"));
163 160
164 TestProcessAccess(&runner, target.process_id()); 161 TestProcessAccess(&runner, target.process_id());
165 } 162 }
166 163
167 // Tests that a low-integrity process cannot open a locked-down process (due 164 // Tests that a low-integrity process cannot open a locked-down process (due
168 // to the integrity label changing after startup via SetDelayedIntegrityLevel). 165 // to the integrity label changing after startup via SetDelayedIntegrityLevel).
169 TEST(ValidationSuite, TestProcessDenyLowIntegrity) { 166 TEST(ValidationSuite, TestProcessDenyLowIntegrity) {
170 // This test applies only to Vista and above.
171 if (base::win::GetVersion() < base::win::VERSION_VISTA)
172 return;
173 167
174 TestRunner runner; 168 TestRunner runner;
175 TestRunner target; 169 TestRunner target;
176 170
177 target.SetAsynchronous(true); 171 target.SetAsynchronous(true);
178 target.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_LOW); 172 target.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_LOW);
179 173
180 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); 174 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
181 runner.GetPolicy()->SetTokenLevel(USER_RESTRICTED_SAME_ACCESS, 175 runner.GetPolicy()->SetTokenLevel(USER_RESTRICTED_SAME_ACCESS,
182 USER_INTERACTIVE); 176 USER_INTERACTIVE);
183 177
184 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"SleepCmd 30000")); 178 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"SleepCmd 30000"));
185 179
186 TestProcessAccess(&runner, target.process_id()); 180 TestProcessAccess(&runner, target.process_id());
187 } 181 }
188 182
189 // Tests that a locked-down process cannot open a low-integrity process. 183 // Tests that a locked-down process cannot open a low-integrity process.
190 TEST(ValidationSuite, TestProcessDenyBelowLowIntegrity) { 184 TEST(ValidationSuite, TestProcessDenyBelowLowIntegrity) {
191 // This test applies only to Vista and above.
192 if (base::win::GetVersion() < base::win::VERSION_VISTA)
193 return;
194 185
195 TestRunner runner; 186 TestRunner runner;
196 TestRunner target; 187 TestRunner target;
197 188
198 target.SetAsynchronous(true); 189 target.SetAsynchronous(true);
199 target.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW); 190 target.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
200 target.GetPolicy()->SetTokenLevel(USER_RESTRICTED_SAME_ACCESS, 191 target.GetPolicy()->SetTokenLevel(USER_RESTRICTED_SAME_ACCESS,
201 USER_INTERACTIVE); 192 USER_INTERACTIVE);
202 193
203 runner.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_UNTRUSTED); 194 runner.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_UNTRUSTED);
(...skipping 29 matching lines...) Expand all
233 TEST(ValidationSuite, TestMemoryNoLimit) { 224 TEST(ValidationSuite, TestMemoryNoLimit) {
234 TestRunner runner; 225 TestRunner runner;
235 wchar_t command[1024] = {0}; 226 wchar_t command[1024] = {0};
236 const int kAllocationSize = 256 * 1024 * 1024; 227 const int kAllocationSize = 256 * 1024 * 1024;
237 228
238 wsprintf(command, L"AllocateCmd %d", kAllocationSize); 229 wsprintf(command, L"AllocateCmd %d", kAllocationSize);
239 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(command)); 230 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(command));
240 } 231 }
241 232
242 } // namespace sandbox 233 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/win/src/target_services.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698