Remove sandbox on Windows.

content/browser/ppapi_plugin_process_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/ppapi_plugin_process_host.h"
 
 #include <stddef.h>
 
 #include <string>
 #include <utility>
@@ skipping 23 matching lines @@
 #include "net/base/network_change_notifier.h"
 #include "ppapi/proxy/ppapi_messages.h"
 #include "ui/base/ui_base_switches.h"
 
 #if defined(OS_POSIX)
 #include "content/public/browser/zygote_handle_linux.h"
 #endif  // defined(OS_POSIX)
 
 #if defined(OS_WIN)
 #include "content/browser/renderer_host/dwrite_font_proxy_message_filter_win.h"
-#include "content/common/sandbox_win.h"
-#include "sandbox/win/src/process_mitigations.h"
-#include "sandbox/win/src/sandbox_policy.h"
 #include "ui/gfx/win/dpi.h"
 #endif
 
 namespace content {
 
 #if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
 ZygoteHandle g_ppapi_zygote;
 #endif  // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
 
 // NOTE: changes to this class need to be reviewed by the security team.
 class PpapiPluginSandboxedProcessLauncherDelegate
     : public content::SandboxedProcessLauncherDelegate {
  public:
   PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker,
                                               const PepperPluginInfo& info,
                                               ChildProcessHost* host)
       :
 #if defined(OS_WIN)
         info_(info),
 #endif // OS_WIN
 #if defined(OS_POSIX)
         ipc_fd_(host->TakeClientFileDescriptor()),
 #endif  // OS_POSIX
         is_broker_(is_broker) {}
 
   ~PpapiPluginSandboxedProcessLauncherDelegate() override {}
 
 #if defined(OS_WIN)
   bool ShouldSandbox() override {
-    return !is_broker_;
+    return false;
   }
 
   bool PreSpawnTarget(sandbox::TargetPolicy* policy) override {
-    if (is_broker_)
-      return true;
-
-    // The Pepper process is as locked-down as a renderer except that it can
-    // create the server side of Chrome pipes.
-    sandbox::ResultCode result;
-    result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
-                             sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
-                             L"\\\\.\\pipe\\chrome.*");
-    if (result != sandbox::SBOX_ALL_OK)
-      return false;
-
-    content::ContentBrowserClient* browser_client =
-        GetContentClient()->browser();
-
-#if !defined(NACL_WIN64)
-    if (IsWin32kRendererLockdownEnabled()) {
-      for (const auto& mime_type : info_.mime_types) {
-        if (browser_client->IsWin32kLockdownEnabledForMimeType(
-                mime_type.mime_type)) {
-          if (!AddWin32kLockdownPolicy(policy))
-            return false;
-          break;
-        }
-      }
-    }
-#endif
-    const base::string16& sid =
-        browser_client->GetAppContainerSidForSandboxType(GetSandboxType());
-    if (!sid.empty())
-      AddAppContainerPolicy(policy, sid.c_str());
-
     return true;
   }
 
 #elif defined(OS_POSIX)
 #if !defined(OS_MACOSX) && !defined(OS_ANDROID)
   ZygoteHandle* GetZygote() override {
     const base::CommandLine& browser_command_line =
         *base::CommandLine::ForCurrentProcess();
     base::CommandLine::StringType plugin_launcher = browser_command_line
         .GetSwitchValueNative(switches::kPpapiPluginLauncher);
@@ skipping 424 matching lines @@
   // sent_requests_ queue should be the one that the plugin just created.
   Client* client = sent_requests_.front();
   sent_requests_.pop();
 
   const ChildProcessData& data = process_->GetData();
   client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle),
                                data.id);
 }
 
 }  // namespace content