| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/window.h" | 5 #include "sandbox/win/src/window.h" |
| 6 | 6 |
| 7 #include <aclapi.h> | 7 #include <aclapi.h> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 30 matching lines...) |
| 41 if (!GetSecurityAttributes(::GetProcessWindowStation(), &attributes)) { | 41 if (!GetSecurityAttributes(::GetProcessWindowStation(), &attributes)) { |
| 42 return SBOX_ERROR_CANNOT_CREATE_WINSTATION; | 42 return SBOX_ERROR_CANNOT_CREATE_WINSTATION; |
| 43 } | 43 } |
| 44 | 44 |
| 45 // Create the window station using NULL for the name to ask the os to | 45 // Create the window station using NULL for the name to ask the os to |
| 46 // generate it. | 46 // generate it. |
| 47 // TODO(nsylvain): don't ask for WINSTA_ALL_ACCESS if we don't need to. | 47 // TODO(nsylvain): don't ask for WINSTA_ALL_ACCESS if we don't need to. |
| 48 *winsta = ::CreateWindowStationW(NULL, 0, WINSTA_ALL_ACCESS, &attributes); | 48 *winsta = ::CreateWindowStationW(NULL, 0, WINSTA_ALL_ACCESS, &attributes); |
| 49 LocalFree(attributes.lpSecurityDescriptor); | 49 LocalFree(attributes.lpSecurityDescriptor); |
| 50 | 50 |
| 51 if (*winsta) { | 51 if (*winsta) |
| 52 // Replace the DACL on the new Winstation with a reduced privilege version. | |
| 53 // We can soft fail on this for now, as it's just an extra mitigation. | |
| 54 static const ACCESS_MASK kWinstaDenyMask = DELETE | WRITE_DAC | | |
| 55 WRITE_OWNER | | |
| 56 WINSTA_ACCESSCLIPBOARD | | |
| 57 WINSTA_CREATEDESKTOP | | |
| 58 WINSTA_ENUMDESKTOPS | | |
| 59 WINSTA_ENUMERATE | | |
| 60 WINSTA_EXITWINDOWS; | |
| 61 AddKnownSidToObject(*winsta, SE_WINDOW_OBJECT, Sid(WinRestrictedCodeSid), | |
| 62 DENY_ACCESS, kWinstaDenyMask); | |
| 63 return SBOX_ALL_OK; | 52 return SBOX_ALL_OK; |
| 64 } | |
| 65 | 53 |
| 66 return SBOX_ERROR_CANNOT_CREATE_WINSTATION; | 54 return SBOX_ERROR_CANNOT_CREATE_WINSTATION; |
| 67 } | 55 } |
| 68 | 56 |
| 69 ResultCode CreateAltDesktop(HWINSTA winsta, HDESK* desktop) { | 57 ResultCode CreateAltDesktop(HWINSTA winsta, HDESK* desktop) { |
| 70 base::string16 desktop_name = L"sbox_alternate_desktop_"; | 58 base::string16 desktop_name = L"sbox_alternate_desktop_"; |
| 71 | 59 |
| 72 // Append the current PID to the desktop name. | 60 // Append the current PID to the desktop name. |
| 73 wchar_t buffer[16]; | 61 wchar_t buffer[16]; |
| 74 _snwprintf_s(buffer, sizeof(buffer) / sizeof(wchar_t), L"0x%X", | 62 _snwprintf_s(buffer, sizeof(buffer) / sizeof(wchar_t), L"0x%X", |
| (...skipping 84 matching lines...) |
| 159 if (winsta) { | 147 if (winsta) { |
| 160 name = GetWindowObjectName(winsta); | 148 name = GetWindowObjectName(winsta); |
| 161 name += L'\\'; | 149 name += L'\\'; |
| 162 } | 150 } |
| 163 | 151 |
| 164 name += GetWindowObjectName(desktop); | 152 name += GetWindowObjectName(desktop); |
| 165 return name; | 153 return name; |
| 166 } | 154 } |
| 167 | 155 |
| 168 } // namespace sandbox | 156 } // namespace sandbox |
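Review bot: Nothing at the new `if (*winsta) return SBOX_ALL_OK;` (new line 51) records that the window station is now returned with only the security descriptor obtained through `GetSecurityAttributes(::GetProcessWindowStation(), &attributes)`, presumably a copy of the process window station's descriptor. The old side additionally applied a deny ACE for `WinRestrictedCodeSid` covering `WRITE_DAC`, `WRITE_OWNER`, `WINSTA_ACCESSCLIPBOARD`, `WINSTA_CREATEDESKTOP` and the other rights in `kWinstaDenyMask`, and its own comment called that an extra mitigation. I would leave a marker so the gap stays visible and gets revisited, e.g. `// NOTE: no reduced-privilege DACL is applied to the new winstation.` followed by `// TODO(<owner>): restore the WinRestrictedCodeSid deny ACE, see <issue-id>.`, next to the existing `WINSTA_ALL_ACCESS` TODO on new line 47. The function begins in the skipped lines, so I cannot see from here whether `AddKnownSidToObject` or the `<aclapi.h>` include still have other users in this file; that is worth checking after the removal.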
| OLD | NEW |