OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
7 | 7 |
8 #include <windows.h> | 8 #include <windows.h> |
9 #include <stddef.h> | 9 #include <stddef.h> |
10 #include <stdint.h> | 10 #include <stdint.h> |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
81 // SetTokenLevel(). Also creates a lowbox token if specified based on the | 81 // SetTokenLevel(). Also creates a lowbox token if specified based on the |
82 // lowbox SID. | 82 // lowbox SID. |
83 ResultCode MakeTokens(base::win::ScopedHandle* initial, | 83 ResultCode MakeTokens(base::win::ScopedHandle* initial, |
84 base::win::ScopedHandle* lockdown, | 84 base::win::ScopedHandle* lockdown, |
85 base::win::ScopedHandle* lowbox); | 85 base::win::ScopedHandle* lowbox); |
86 | 86 |
87 PSID GetLowBoxSid() const; | 87 PSID GetLowBoxSid() const; |
88 | 88 |
89 // Adds a target process to the internal list of targets. Internally a | 89 // Adds a target process to the internal list of targets. Internally a |
90 // call to TargetProcess::Init() is issued. | 90 // call to TargetProcess::Init() is issued. |
91 bool AddTarget(TargetProcess* target); | 91 ResultCode AddTarget(TargetProcess* target); |
92 | 92 |
93 // Called when there are no more active processes in a Job. | 93 // Called when there are no more active processes in a Job. |
94 // Removes a Job object associated with this policy and the target associated | 94 // Removes a Job object associated with this policy and the target associated |
95 // with the job. | 95 // with the job. |
96 bool OnJobEmpty(HANDLE job); | 96 bool OnJobEmpty(HANDLE job); |
97 | 97 |
98 EvalResult EvalPolicy(int service, CountedParameterSetBase* params); | 98 EvalResult EvalPolicy(int service, CountedParameterSetBase* params); |
99 | 99 |
100 HANDLE GetStdoutHandle(); | 100 HANDLE GetStdoutHandle(); |
101 HANDLE GetStderrHandle(); | 101 HANDLE GetStderrHandle(); |
102 | 102 |
103 // Returns the list of handles being shared with the target process. | 103 // Returns the list of handles being shared with the target process. |
104 const base::HandlesToInheritVector& GetHandlesBeingShared(); | 104 const base::HandlesToInheritVector& GetHandlesBeingShared(); |
105 | 105 |
106 private: | 106 private: |
107 ~PolicyBase(); | 107 ~PolicyBase(); |
108 | 108 |
109 // Sets up interceptions for a new target. | 109 // Sets up interceptions for a new target. |
110 bool SetupAllInterceptions(TargetProcess* target); | 110 ResultCode SetupAllInterceptions(TargetProcess* target); |
111 | 111 |
112 // Sets up the handle closer for a new target. | 112 // Sets up the handle closer for a new target. |
113 bool SetupHandleCloser(TargetProcess* target); | 113 bool SetupHandleCloser(TargetProcess* target); |
114 | 114 |
115 ResultCode AddRuleInternal(SubSystem subsystem, | 115 ResultCode AddRuleInternal(SubSystem subsystem, |
116 Semantics semantics, | 116 Semantics semantics, |
117 const wchar_t* pattern); | 117 const wchar_t* pattern); |
118 | 118 |
119 // This lock synchronizes operations on the targets_ collection. | 119 // This lock synchronizes operations on the targets_ collection. |
120 CRITICAL_SECTION lock_; | 120 CRITICAL_SECTION lock_; |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
167 // shared with the target at times. | 167 // shared with the target at times. |
168 base::HandlesToInheritVector handles_to_share_; | 168 base::HandlesToInheritVector handles_to_share_; |
169 bool enable_opm_redirection_; | 169 bool enable_opm_redirection_; |
170 | 170 |
171 DISALLOW_COPY_AND_ASSIGN(PolicyBase); | 171 DISALLOW_COPY_AND_ASSIGN(PolicyBase); |
172 }; | 172 }; |
173 | 173 |
174 } // namespace sandbox | 174 } // namespace sandbox |
175 | 175 |
176 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 176 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
OLD | NEW |