Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(507)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/restricted_token_utils.h

Issue 1821193002: Added a policy option to restrict the default DACL for tokens. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added access mask to open process test Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/restricted_token_unittest.cc ('k') | sandbox/win/src/restricted_token_utils.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 5 #ifndef SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
6 #define SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 6 #define SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
7 7
8 #include <accctrl.h> 8 #include <accctrl.h>
9 #include <windows.h> 9 #include <windows.h>
10 10
(...skipping 12 matching lines...) Expand all
23 PRIMARY 23 PRIMARY
24 }; 24 };
25 25
26 // Creates a restricted token based on the effective token of the current 26 // Creates a restricted token based on the effective token of the current
27 // process. The parameter security_level determines how much the token is 27 // process. The parameter security_level determines how much the token is
28 // restricted. The token_type determines if the token will be used as a primary 28 // restricted. The token_type determines if the token will be used as a primary
29 // token or impersonation token. The integrity level of the token is set to 29 // token or impersonation token. The integrity level of the token is set to
30 // |integrity level| on Vista only. 30 // |integrity level| on Vista only.
31 // |token| is the output value containing the handle of the newly created 31 // |token| is the output value containing the handle of the newly created
32 // restricted token. 32 // restricted token.
33 // |lockdown_default_dacl| indicates the token's default DACL should be locked
34 // down to restrict what other process can open kernel resources created while
35 // running under the token.
33 // If the function succeeds, the return value is ERROR_SUCCESS. If the 36 // If the function succeeds, the return value is ERROR_SUCCESS. If the
34 // function fails, the return value is the win32 error code corresponding to 37 // function fails, the return value is the win32 error code corresponding to
35 // the error. 38 // the error.
36 DWORD CreateRestrictedToken(TokenLevel security_level, 39 DWORD CreateRestrictedToken(TokenLevel security_level,
37 IntegrityLevel integrity_level, 40 IntegrityLevel integrity_level,
38 TokenType token_type, 41 TokenType token_type,
42 bool lockdown_default_dacl,
39 base::win::ScopedHandle* token); 43 base::win::ScopedHandle* token);
40 44
41 // Sets the integrity label on a object handle. 45 // Sets the integrity label on a object handle.
42 DWORD SetObjectIntegrityLabel(HANDLE handle, SE_OBJECT_TYPE type, 46 DWORD SetObjectIntegrityLabel(HANDLE handle, SE_OBJECT_TYPE type,
43 const wchar_t* ace_access, 47 const wchar_t* ace_access,
44 const wchar_t* integrity_level_sid); 48 const wchar_t* integrity_level_sid);
45 49
46 // Sets the integrity level on a token. This is only valid on Vista. It returns 50 // Sets the integrity level on a token. This is only valid on Vista. It returns
47 // without failing on XP. If the integrity level that you specify is greater 51 // without failing on XP. If the integrity level that you specify is greater
48 // than the current integrity level, the function will fail. 52 // than the current integrity level, the function will fail.
(...skipping 17 matching lines...) Expand all
66 // Hardens the integrity level policy on the current process. This is only 70 // Hardens the integrity level policy on the current process. This is only
67 // valid on Win 7 and above. Specifically it sets the policy to block read 71 // valid on Win 7 and above. Specifically it sets the policy to block read
68 // and execute so that a lower privileged process cannot open the token for 72 // and execute so that a lower privileged process cannot open the token for
69 // impersonate or duplicate permissions. This should limit potential security 73 // impersonate or duplicate permissions. This should limit potential security
70 // holes. 74 // holes.
71 DWORD HardenProcessIntegrityLevelPolicy(); 75 DWORD HardenProcessIntegrityLevelPolicy();
72 76
73 } // namespace sandbox 77 } // namespace sandbox
74 78
75 #endif // SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__ 79 #endif // SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
OLDNEW
« no previous file with comments | « sandbox/win/src/restricted_token_unittest.cc ('k') | sandbox/win/src/restricted_token_utils.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698