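--- a/[path-not-on-page]
+++ /dev/null
@@ -1,161 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include <windows.h>
-
-#define _ATL_NO_EXCEPTIONS
-#include <atlbase.h>
-#include <atlsecurity.h>
-
-#include "base/strings/string16.h"
-#include "base/win/scoped_handle.h"
-#include "base/win/windows_version.h"
-#include "sandbox/win/src/sync_policy_test.h"
-#include "testing/gtest/include/gtest/gtest.h"
-
-namespace {
-
-const wchar_t kAppContainerName[] = L"sbox_test";
-const wchar_t kAppContainerSid[] =
-L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-"
-L"924012148-2839372144";
-
-const ULONG kSharing = FILE_SHARE_WRITE | FILE_SHARE_READ | FILE_SHARE_DELETE;
-
-HANDLE CreateTaggedEvent(const base::string16& name,
-const base::string16& sid) {
-base::win::ScopedHandle event(CreateEvent(NULL, FALSE, FALSE, name.c_str()));
-if (!event.IsValid())
-return NULL;
-
-wchar_t file_name[MAX_PATH] = {};
-wchar_t temp_directory[MAX_PATH] = {};
-GetTempPath(MAX_PATH, temp_directory);
-GetTempFileName(temp_directory, L"test", 0, file_name);
-
-base::win::ScopedHandle file;
-file.Set(CreateFile(file_name, GENERIC_READ | STANDARD_RIGHTS_READ, kSharing,
-NULL, OPEN_EXISTING, 0, NULL));
-DeleteFile(file_name);
-if (!file.IsValid())
-return NULL;
-
-CSecurityDesc sd;
-if (!AtlGetSecurityDescriptor(file.Get(), SE_FILE_OBJECT, &sd,
-OWNER_SECURITY_INFORMATION |
-GROUP_SECURITY_INFORMATION |
-DACL_SECURITY_INFORMATION)) {
-return NULL;
-}
-
-PSID local_sid;
-if (!ConvertStringSidToSid(sid.c_str(), &local_sid))
-return NULL;
-
-CDacl new_dacl;
-sd.GetDacl(&new_dacl);
-CSid csid(reinterpret_cast<SID*>(local_sid));
-new_dacl.AddAllowedAce(csid, EVENT_ALL_ACCESS);
-if (!AtlSetDacl(event.Get(), SE_KERNEL_OBJECT, new_dacl))
-event.Close();
-
-LocalFree(local_sid);
-return event.IsValid() ? event.Take() : NULL;
-}
-
-} // namespace
-
-namespace sandbox {
-
-TEST(AppContainerTest, AllowOpenEvent) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);
-
-const wchar_t capability[] = L"S-1-15-3-12345678-87654321";
-base::win::ScopedHandle handle(CreateTaggedEvent(L"test", capability));
-ASSERT_TRUE(handle.IsValid());
-
-EXPECT_EQ(SBOX_ALL_OK,
-runner.broker()->InstallAppContainer(kAppContainerSid,
-kAppContainerName));
-EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetCapability(capability));
-EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid));
-
-EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Event_Open f test"));
-
-runner.SetTestState(BEFORE_REVERT);
-EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Event_Open f test"));
-EXPECT_EQ(SBOX_ALL_OK,
-runner.broker()->UninstallAppContainer(kAppContainerSid));
-}
-
-TEST(AppContainerTest, DenyOpenEvent) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);
-
-const wchar_t capability[] = L"S-1-15-3-12345678-87654321";
-base::win::ScopedHandle handle(CreateTaggedEvent(L"test", capability));
-ASSERT_TRUE(handle.IsValid());
-
-EXPECT_EQ(SBOX_ALL_OK,
-runner.broker()->InstallAppContainer(kAppContainerSid,
-kAppContainerName));
-EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid));
-
-EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test"));
-
-runner.SetTestState(BEFORE_REVERT);
-EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test"));
-EXPECT_EQ(SBOX_ALL_OK,
-runner.broker()->UninstallAppContainer(kAppContainerSid));
-}
-
-TEST(AppContainerTest, NoImpersonation) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_LIMITED, USER_LIMITED);
-EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid));
-}
-
-TEST(AppContainerTest, WantsImpersonation) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_NON_ADMIN);
-EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
-runner.GetPolicy()->SetAppContainer(kAppContainerSid));
-}
-
-TEST(AppContainerTest, RequiresImpersonation) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED);
-EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
-runner.GetPolicy()->SetAppContainer(kAppContainerSid));
-}
-
-TEST(AppContainerTest, DenyOpenEventForLowBox) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return;
-
-TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);
-
-base::win::ScopedHandle event(CreateEvent(NULL, FALSE, FALSE, L"test"));
-ASSERT_TRUE(event.IsValid());
-
-EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetLowBox(kAppContainerSid));
-
-EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test"));
-}
-
-// TODO(shrikant): Please add some tests to prove usage of lowbox token like
-// socket connection to local server in lock down mode.
-
-} // namespace sandbox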