OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/sandbox_policy_base.h" | 5 #include "sandbox/win/src/sandbox_policy_base.h" |
6 | 6 |
7 #include <sddl.h> | 7 #include <sddl.h> |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 #include <stdint.h> | 9 #include <stdint.h> |
10 | 10 |
(...skipping 117 matching lines...)
128 stdout_handle_(INVALID_HANDLE_VALUE), | 128 stdout_handle_(INVALID_HANDLE_VALUE), |
129 stderr_handle_(INVALID_HANDLE_VALUE), | 129 stderr_handle_(INVALID_HANDLE_VALUE), |
130 integrity_level_(INTEGRITY_LEVEL_LAST), | 130 integrity_level_(INTEGRITY_LEVEL_LAST), |
131 delayed_integrity_level_(INTEGRITY_LEVEL_LAST), | 131 delayed_integrity_level_(INTEGRITY_LEVEL_LAST), |
132 mitigations_(0), | 132 mitigations_(0), |
133 delayed_mitigations_(0), | 133 delayed_mitigations_(0), |
134 is_csrss_connected_(true), | 134 is_csrss_connected_(true), |
135 policy_maker_(NULL), | 135 policy_maker_(NULL), |
136 policy_(NULL), | 136 policy_(NULL), |
137 lowbox_sid_(NULL), | 137 lowbox_sid_(NULL), |
138 lockdown_default_dacl_(false) { | 138 lockdown_default_dacl_(false), |
| 139 enable_opm_redirection_(false) { |
139 ::InitializeCriticalSection(&lock_); | 140 ::InitializeCriticalSection(&lock_); |
140 dispatcher_.reset(new TopLevelDispatcher(this)); | 141 dispatcher_.reset(new TopLevelDispatcher(this)); |
141 } | 142 } |
142 | 143 |
143 PolicyBase::~PolicyBase() { | 144 PolicyBase::~PolicyBase() { |
144 TargetSet::iterator it; | 145 TargetSet::iterator it; |
145 for (it = targets_.begin(); it != targets_.end(); ++it) { | 146 for (it = targets_.begin(); it != targets_.end(); ++it) { |
146 TargetProcess* target = (*it); | 147 TargetProcess* target = (*it); |
147 delete target; | 148 delete target; |
148 } | 149 } |
(...skipping 451 matching lines...)
600 } | 601 } |
601 | 602 |
602 HANDLE PolicyBase::GetStdoutHandle() { | 603 HANDLE PolicyBase::GetStdoutHandle() { |
603 return stdout_handle_; | 604 return stdout_handle_; |
604 } | 605 } |
605 | 606 |
606 HANDLE PolicyBase::GetStderrHandle() { | 607 HANDLE PolicyBase::GetStderrHandle() { |
607 return stderr_handle_; | 608 return stderr_handle_; |
608 } | 609 } |
609 | 610 |
| 611 void PolicyBase::SetEnableOPMRedirection() { |
| 612 enable_opm_redirection_ = true; |
| 613 } |
| 614 |
| 615 bool PolicyBase::GetEnableOPMRedirection() { |
| 616 return enable_opm_redirection_; |
| 617 } |
| 618 |
610 bool PolicyBase::SetupAllInterceptions(TargetProcess* target) { | 619 bool PolicyBase::SetupAllInterceptions(TargetProcess* target) { |
611 InterceptionManager manager(target, relaxed_interceptions_); | 620 InterceptionManager manager(target, relaxed_interceptions_); |
612 | 621 |
613 if (policy_) { | 622 if (policy_) { |
614 for (int i = 0; i < IPC_LAST_TAG; i++) { | 623 for (int i = 0; i < IPC_LAST_TAG; i++) { |
615 if (policy_->entry[i] && !dispatcher_->SetupService(&manager, i)) | 624 if (policy_->entry[i] && !dispatcher_->SetupService(&manager, i)) |
616 return false; | 625 return false; |
617 } | 626 } |
618 } | 627 } |
619 | 628 |
(...skipping 84 matching lines...)
704 break; | 713 break; |
705 } | 714 } |
706 | 715 |
707 default: { return SBOX_ERROR_UNSUPPORTED; } | 716 default: { return SBOX_ERROR_UNSUPPORTED; } |
708 } | 717 } |
709 | 718 |
710 return SBOX_ALL_OK; | 719 return SBOX_ALL_OK; |
711 } | 720 } |
712 | 721 |
713 } // namespace sandbox | 722 } // namespace sandbox |
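Review bot: Nothing in the visible sections reads `enable_opm_redirection_` except the new getter at new line 615, so the check that actually gates OPM redirection lives in code this page does not show. Because a sandboxed target can issue broker IPC calls whether or not the matching interceptions were installed, the broker-side handlers for the OPM calls should test `GetEnableOPMRedirection()` themselves and refuse the request when it is false; please confirm that they do. `SetEnableOPMRedirection()` at new line 611 also has no guard against being called after a target has been added, so a comment such as `// Must be called before the first target is spawned.` would state the intended ordering (presumably interception setup reads the flag once, to be confirmed). The getter does not modify state and could be declared `const` if the interface it implements allows it.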