OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 291 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
302 return false; | 302 return false; |
303 | 303 |
304 // Allow the server side of sync sockets, which are pipes that have | 304 // Allow the server side of sync sockets, which are pipes that have |
305 // the "chrome.sync" namespace and a randomly generated suffix. | 305 // the "chrome.sync" namespace and a randomly generated suffix. |
306 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, | 306 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, |
307 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, | 307 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, |
308 L"\\\\.\\pipe\\chrome.sync.*"); | 308 L"\\\\.\\pipe\\chrome.sync.*"); |
309 if (result != sandbox::SBOX_ALL_OK) | 309 if (result != sandbox::SBOX_ALL_OK) |
310 return false; | 310 return false; |
311 | 311 |
312 // XXX: This is in the wrong place, it should only apply to the renderer. | |
scottmg
2014/03/21 23:04:06
This needs to be made renderer-only rather than in
Will Harris
2014/03/21 23:55:47
suggested location below around 657
| |
313 base::FilePath directory; | |
314 if (!PathService::Get(base::DIR_WINDOWS_FONTS, &directory)) | |
315 return false; | |
316 directory.Append(FILE_PATH_LITERAL("\\*")); | |
317 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | |
318 sandbox::TargetPolicy::FILES_ALLOW_READONLY, | |
319 directory.value().c_str()); | |
320 if (result != sandbox::SBOX_ALL_OK) | |
321 return false; | |
322 | |
312 // Add the policy for debug message only in debug | 323 // Add the policy for debug message only in debug |
313 #ifndef NDEBUG | 324 #ifndef NDEBUG |
314 base::FilePath app_dir; | 325 base::FilePath app_dir; |
315 if (!PathService::Get(base::DIR_MODULE, &app_dir)) | 326 if (!PathService::Get(base::DIR_MODULE, &app_dir)) |
316 return false; | 327 return false; |
317 | 328 |
318 wchar_t long_path_buf[MAX_PATH]; | 329 wchar_t long_path_buf[MAX_PATH]; |
319 DWORD long_path_return_value = GetLongPathName(app_dir.value().c_str(), | 330 DWORD long_path_return_value = GetLongPathName(app_dir.value().c_str(), |
320 long_path_buf, | 331 long_path_buf, |
321 MAX_PATH); | 332 MAX_PATH); |
(...skipping 314 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
636 | 647 |
637 if (!disable_default_policy && !AddPolicyForSandboxedProcess(policy)) | 648 if (!disable_default_policy && !AddPolicyForSandboxedProcess(policy)) |
638 return 0; | 649 return 0; |
639 | 650 |
640 if (type_str != switches::kRendererProcess) { | 651 if (type_str != switches::kRendererProcess) { |
641 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into | 652 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into |
642 // this subprocess. See | 653 // this subprocess. See |
643 // http://code.google.com/p/chromium/issues/detail?id=25580 | 654 // http://code.google.com/p/chromium/issues/detail?id=25580 |
644 cmd_line->AppendSwitchASCII("ignored", " --type=renderer "); | 655 cmd_line->AppendSwitchASCII("ignored", " --type=renderer "); |
645 } | 656 } |
646 | 657 |
Will Harris
2014/03/21 23:55:47
maybe put that policy here
| |
647 sandbox::ResultCode result; | 658 sandbox::ResultCode result; |
648 if (!exposed_dir.empty()) { | 659 if (!exposed_dir.empty()) { |
649 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | 660 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
650 sandbox::TargetPolicy::FILES_ALLOW_ANY, | 661 sandbox::TargetPolicy::FILES_ALLOW_ANY, |
651 exposed_dir.value().c_str()); | 662 exposed_dir.value().c_str()); |
652 if (result != sandbox::SBOX_ALL_OK) | 663 if (result != sandbox::SBOX_ALL_OK) |
653 return 0; | 664 return 0; |
654 | 665 |
655 base::FilePath exposed_files = exposed_dir.AppendASCII("*"); | 666 base::FilePath exposed_files = exposed_dir.AppendASCII("*"); |
656 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | 667 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
744 } | 755 } |
745 | 756 |
746 return false; | 757 return false; |
747 } | 758 } |
748 | 759 |
749 bool BrokerAddTargetPeer(HANDLE peer_process) { | 760 bool BrokerAddTargetPeer(HANDLE peer_process) { |
750 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 761 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
751 } | 762 } |
752 | 763 |
753 } // namespace content | 764 } // namespace content |
OLD | NEW |