Add ability to query desktop process for its session ID by the network process

remoting/host/win/wts_session_process_delegate.cc

Index: remoting/host/win/wts_session_process_delegate.cc
diff --git a/remoting/host/win/wts_session_process_delegate.cc b/remoting/host/win/wts_session_process_delegate.cc
index 1f1b7bc75648ec50ff7b2c0f907c275776943bfc..d5d9f58c89b108afc4084b64559ce37a23f7e5b9 100644
--- a/remoting/host/win/wts_session_process_delegate.cc
+++ b/remoting/host/win/wts_session_process_delegate.cc
@@ -29,6 +29,7 @@
 #include "remoting/host/ipc_util.h"
 #include "remoting/host/switches.h"
 #include "remoting/host/win/launch_process_with_token.h"
+#include "remoting/host/win/security_descriptor.h"
 #include "remoting/host/win/worker_process_launcher.h"
 #include "remoting/host/win/wts_terminal_monitor.h"
 #include "remoting/host/worker_process_ipc_delegate.h"
@@ -51,7 +52,8 @@ class WtsSessionProcessDelegate::Core
   Core(scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
        std::unique_ptr<base::CommandLine> target,
        bool launch_elevated,
-       const std::string& channel_security);
+       const std::string& channel_security,
+       const std::string& new_process_security);
 
   // Initializes the object returning true on success.
   bool Initialize(uint32_t session_id);
@@ -115,6 +117,9 @@ class WtsSessionProcessDelegate::Core
   // Security descriptor (as SDDL) to be applied to |channel_|.
   std::string channel_security_;
 
+  // Security descriptor (as SDDL) to be applied to the newly created process.
+  std::string new_process_security_;
+
   WorkerProcessLauncher* event_handler_;
 
   // Pointer to GetNamedPipeClientProcessId() API if it is available.
@@ -149,10 +154,12 @@ WtsSessionProcessDelegate::Core::Core(
     scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
     std::unique_ptr<base::CommandLine> target_command,
     bool launch_elevated,
-    const std::string& channel_security)
+    const std::string& channel_security,
+    const std::string& new_process_security)
     : caller_task_runner_(base::ThreadTaskRunnerHandle::Get()),
       io_task_runner_(io_task_runner),
       channel_security_(channel_security),
+      new_process_security_(new_process_security),
       event_handler_(nullptr),
       get_named_pipe_client_pid_(nullptr),
       launch_elevated_(launch_elevated),
@@ -388,13 +395,29 @@ void WtsSessionProcessDelegate::Core::DoLaunchProcess() {
   command_line.AppendSwitchNative(kDaemonPipeSwitchName,
                                   base::UTF8ToWide(channel_name));
 
+  ScopedSd security_descriptor;
+  std::unique_ptr<SECURITY_ATTRIBUTES> security_attributes;
+  if (!new_process_security_.empty()) {
+    security_descriptor = ConvertSddlToSd(new_process_security_);
+    if (!security_descriptor) {
+      PLOG(ERROR) << "ConvertSddlToSd() failed.";
+      ReportFatalError();
+      return;
+    }
+
+    security_attributes.reset(new SECURITY_ATTRIBUTES());
+    security_attributes->nLength = sizeof(SECURITY_ATTRIBUTES);
+    security_attributes->lpSecurityDescriptor = security_descriptor.get();
+    security_attributes->bInheritHandle = FALSE;
+  }
+
   // Try to launch the process.
   ScopedHandle worker_process;
   ScopedHandle worker_thread;
   if (!LaunchProcessWithToken(command_line.GetProgram(),
                               command_line.GetCommandLineString(),
                               session_token_.Get(),
-                              nullptr,
+                              security_attributes.get(),
                               nullptr,
                               false,
                               CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB,
@@ -524,9 +547,10 @@ WtsSessionProcessDelegate::WtsSessionProcessDelegate(
     scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
     std::unique_ptr<base::CommandLine> target_command,
     bool launch_elevated,
-    const std::string& channel_security) {
+    const std::string& channel_security,
+    const std::string& new_process_security_descriptor) {
   core_ = new Core(io_task_runner, std::move(target_command), launch_elevated,
-                   channel_security);
+                   channel_security, new_process_security_descriptor);
 }
 
 WtsSessionProcessDelegate::~WtsSessionProcessDelegate() {