Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(68)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/sandbox.h

Issue 1867223005: Removed old AppContainer support. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix clang warning and fix test. Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/broker_services.cc ('k') | sandbox/win/src/sandbox_policy.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Sandbox is a sandbox library for windows processes. Use when you want a 5 // Sandbox is a sandbox library for windows processes. Use when you want a
6 // 'privileged' process and a 'locked down process' to interact with. 6 // 'privileged' process and a 'locked down process' to interact with.
7 // The privileged process is called the broker and it is started by external 7 // The privileged process is called the broker and it is started by external
8 // means (such as the user starting it). The 'sandboxed' process is called the 8 // means (such as the user starting it). The 'sandboxed' process is called the
9 // target and it is started by the broker. There can be many target processes 9 // target and it is started by the broker. There can be many target processes
10 // started by a single broker process. This library provides facilities 10 // started by a single broker process. This library provides facilities
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
84 // more information. 84 // more information.
85 virtual ResultCode WaitForAllTargets() = 0; 85 virtual ResultCode WaitForAllTargets() = 0;
86 86
87 // Adds an unsandboxed process as a peer for policy decisions (e.g. 87 // Adds an unsandboxed process as a peer for policy decisions (e.g.
88 // HANDLES_DUP_ANY policy). 88 // HANDLES_DUP_ANY policy).
89 // Returns: 89 // Returns:
90 // ALL_OK if successful. All other return values imply failure. 90 // ALL_OK if successful. All other return values imply failure.
91 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get 91 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get
92 // more information. 92 // more information.
93 virtual ResultCode AddTargetPeer(HANDLE peer_process) = 0; 93 virtual ResultCode AddTargetPeer(HANDLE peer_process) = 0;
94
95 // Install the AppContainer with the specified sid an name. Returns ALL_OK if
96 // successful or an error code if the AppContainer cannot be installed.
97 virtual ResultCode InstallAppContainer(const wchar_t* sid,
98 const wchar_t* name) = 0;
99
100 // Removes from the system the AppContainer with the specified sid.
101 // Returns ALL_OK if successful or an error code otherwise.
102 virtual ResultCode UninstallAppContainer(const wchar_t* sid) = 0;
103 }; 94 };
104 95
105 // TargetServices models the current process from the perspective 96 // TargetServices models the current process from the perspective
106 // of a target process. To obtain a pointer to it use 97 // of a target process. To obtain a pointer to it use
107 // Sandbox::GetTargetServices(). Note that this call returns a non-null 98 // Sandbox::GetTargetServices(). Note that this call returns a non-null
108 // pointer only if this process is in fact a target. A process is a target 99 // pointer only if this process is in fact a target. A process is a target
109 // only if the process was spawned by a call to BrokerServices::SpawnTarget(). 100 // only if the process was spawned by a call to BrokerServices::SpawnTarget().
110 // 101 //
111 // This API allows the target to gain access to resources with a high 102 // This API allows the target to gain access to resources with a high
112 // privilege token and then when it is ready to perform dangerous activities 103 // privilege token and then when it is ready to perform dangerous activities
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
155 DWORD target_process_id, 146 DWORD target_process_id,
156 HANDLE* target_handle, 147 HANDLE* target_handle,
157 DWORD desired_access, 148 DWORD desired_access,
158 DWORD options) = 0; 149 DWORD options) = 0;
159 }; 150 };
160 151
161 } // namespace sandbox 152 } // namespace sandbox
162 153
163 154
164 #endif // SANDBOX_WIN_SRC_SANDBOX_H_ 155 #endif // SANDBOX_WIN_SRC_SANDBOX_H_
OLDNEW
« no previous file with comments | « sandbox/win/src/broker_services.cc ('k') | sandbox/win/src/sandbox_policy.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698