Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(247)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: mojo/edk/embedder/named_platform_handle_utils_win.cc

Issue 2444793002: Allow custom security descriptors when creating named pipes on Windows. (Closed)
Patch Set: Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « mojo/edk/embedder/named_platform_handle_utils_posix.cc ('k') | mojo/edk/test/multiprocess_test_helper.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: mojo/edk/embedder/named_platform_handle_utils_win.cc
diff --git a/mojo/edk/embedder/named_platform_handle_utils_win.cc b/mojo/edk/embedder/named_platform_handle_utils_win.cc
index ccf506217ae222e89e57de95ba85089c7fc575f0..1a602d1a4c74559dd92f4f5e1cd2ba68b05c76a4 100644
--- a/mojo/edk/embedder/named_platform_handle_utils_win.cc
+++ b/mojo/edk/embedder/named_platform_handle_utils_win.cc
@@ -15,6 +15,18 @@
namespace mojo {
namespace edk {
+namespace {
+
+// A DACL to grant:
+// GA = Generic All
+// access to:
+// SY = LOCAL_SYSTEM
+// BA = BUILTIN_ADMINISTRATORS
+// OW = OWNER_RIGHTS
+constexpr base::char16 kDefaultSecurityDescriptor[] =
+ L"D:(A;;GA;;;SY)(A;;GA;;;BA)(A;;GA;;;OW)";
+
+} // namespace
ScopedPlatformHandle CreateClientHandle(
const NamedPlatformHandle& named_handle) {
@@ -41,27 +53,23 @@ ScopedPlatformHandle CreateClientHandle(
return handle;
}
-ScopedPlatformHandle CreateServerHandle(const NamedPlatformHandle& named_handle,
- bool enforce_uniqueness) {
+ScopedPlatformHandle CreateServerHandle(
+ const NamedPlatformHandle& named_handle,
+ const CreateServerHandleOptions& options) {
if (!named_handle.is_valid())
return ScopedPlatformHandle();
PSECURITY_DESCRIPTOR security_desc = nullptr;
ULONG security_desc_len = 0;
- // Create a DACL to grant:
- // GA = Generic All
- // access to:
- // SY = LOCAL_SYSTEM
- // BA = BUILTIN_ADMINISTRATORS
- // OW = OWNER_RIGHTS
PCHECK(ConvertStringSecurityDescriptorToSecurityDescriptor(
- L"D:(A;;GA;;;SY)(A;;GA;;;BA)(A;;GA;;;OW)", SDDL_REVISION_1,
- &security_desc, &security_desc_len));
+ options.security_descriptor.empty() ? kDefaultSecurityDescriptor
+ : options.security_descriptor.c_str(),
+ SDDL_REVISION_1, &security_desc, &security_desc_len));
std::unique_ptr<void, decltype(::LocalFree)*> p(security_desc, ::LocalFree);
SECURITY_ATTRIBUTES security_attributes = {sizeof(SECURITY_ATTRIBUTES),
security_desc, FALSE};
- const DWORD kOpenMode = enforce_uniqueness
+ const DWORD kOpenMode = options.enforce_uniqueness
? PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED |
FILE_FLAG_FIRST_PIPE_INSTANCE
: PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED;
@@ -69,9 +77,9 @@ ScopedPlatformHandle CreateServerHandle(const NamedPlatformHandle& named_handle,
PIPE_TYPE_BYTE | PIPE_READMODE_BYTE | PIPE_REJECT_REMOTE_CLIENTS;
PlatformHandle handle(
CreateNamedPipeW(named_handle.pipe_name().c_str(), kOpenMode, kPipeMode,
- enforce_uniqueness ? 1 : 255, // Max instances.
- 4096, // Out buffer size.
- 4096, // In buffer size.
+ options.enforce_uniqueness ? 1 : 255, // Max instances.
+ 4096, // Out buffer size.
+ 4096, // In buffer size.
5000, // Timeout in milliseconds.
&security_attributes));
handle.needs_connection = true;
« no previous file with comments | « mojo/edk/embedder/named_platform_handle_utils_posix.cc ('k') | mojo/edk/test/multiprocess_test_helper.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698