Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(534)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/sandbox.h

Issue 2456573002: Revert "Fix sandbox::PolicyBase leak" (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/policy_target_test.cc ('k') | sandbox/win/tests/common/controller.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Sandbox is a sandbox library for windows processes. Use when you want a 5 // Sandbox is a sandbox library for windows processes. Use when you want a
6 // 'privileged' process and a 'locked down process' to interact with. 6 // 'privileged' process and a 'locked down process' to interact with.
7 // The privileged process is called the broker and it is started by external 7 // The privileged process is called the broker and it is started by external
8 // means (such as the user starting it). The 'sandboxed' process is called the 8 // means (such as the user starting it). The 'sandboxed' process is called the
9 // target and it is started by the broker. There can be many target processes 9 // target and it is started by the broker. There can be many target processes
10 // started by a single broker process. This library provides facilities 10 // started by a single broker process. This library provides facilities
11 // for both the broker and the target. 11 // for both the broker and the target.
12 // 12 //
13 // The design rationale and relevant documents can be found at http://go/sbox. 13 // The design rationale and relevant documents can be found at http://go/sbox.
14 // 14 //
15 // Note: this header does not include the SandboxFactory definitions because 15 // Note: this header does not include the SandboxFactory definitions because
16 // there are cases where the Sandbox library is linked against the main .exe 16 // there are cases where the Sandbox library is linked against the main .exe
17 // while its API needs to be used in a DLL. 17 // while its API needs to be used in a DLL.
18 18
19 #ifndef SANDBOX_WIN_SRC_SANDBOX_H_ 19 #ifndef SANDBOX_WIN_SRC_SANDBOX_H_
20 #define SANDBOX_WIN_SRC_SANDBOX_H_ 20 #define SANDBOX_WIN_SRC_SANDBOX_H_
21 21
22 #include <windows.h> 22 #include <windows.h>
23 23
24 #include "base/memory/ref_counted.h"
25 #include "sandbox/win/src/sandbox_policy.h" 24 #include "sandbox/win/src/sandbox_policy.h"
26 #include "sandbox/win/src/sandbox_types.h" 25 #include "sandbox/win/src/sandbox_types.h"
27 26
28 // sandbox: Google User-Land Application Sandbox 27 // sandbox: Google User-Land Application Sandbox
29 namespace sandbox { 28 namespace sandbox {
30 29
31 class BrokerServices; 30 class BrokerServices;
32 class ProcessState; 31 class ProcessState;
33 class TargetPolicy; 32 class TargetPolicy;
34 class TargetServices; 33 class TargetServices;
(...skipping 15 matching lines...) Expand all
50 public: 49 public:
51 // Initializes the broker. Must be called before any other on this class. 50 // Initializes the broker. Must be called before any other on this class.
52 // returns ALL_OK if successful. All other return values imply failure. 51 // returns ALL_OK if successful. All other return values imply failure.
53 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get 52 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get
54 // more information. 53 // more information.
55 virtual ResultCode Init() = 0; 54 virtual ResultCode Init() = 0;
56 55
57 // Returns the interface pointer to a new, empty policy object. Use this 56 // Returns the interface pointer to a new, empty policy object. Use this
58 // interface to specify the sandbox policy for new processes created by 57 // interface to specify the sandbox policy for new processes created by
59 // SpawnTarget() 58 // SpawnTarget()
60 virtual scoped_refptr<TargetPolicy> CreatePolicy() = 0; 59 virtual TargetPolicy* CreatePolicy() = 0;
61 60
62 // Creates a new target (child process) in a suspended state. 61 // Creates a new target (child process) in a suspended state.
63 // Parameters: 62 // Parameters:
64 // exe_path: This is the full path to the target binary. This parameter 63 // exe_path: This is the full path to the target binary. This parameter
65 // can be null and in this case the exe path must be the first argument 64 // can be null and in this case the exe path must be the first argument
66 // of the command_line. 65 // of the command_line.
67 // command_line: The arguments to be passed as command line to the new 66 // command_line: The arguments to be passed as command line to the new
68 // process. This can be null if the exe_path parameter is not null. 67 // process. This can be null if the exe_path parameter is not null.
69 // policy: This is the pointer to the policy object for the sandbox to 68 // policy: This is the pointer to the policy object for the sandbox to
70 // be created. 69 // be created.
71 // last_warning: The argument will contain an indication on whether 70 // last_warning: The argument will contain an indication on whether
72 // the process security was initialized completely, Only set if the 71 // the process security was initialized completely, Only set if the
73 // process can be used without a serious compromise in security. 72 // process can be used without a serious compromise in security.
74 // last_error: If an error or warning is returned from this method this 73 // last_error: If an error or warning is returned from this method this
75 // parameter will hold the last Win32 error value. 74 // parameter will hold the last Win32 error value.
76 // target: returns the resulting target process information such as process 75 // target: returns the resulting target process information such as process
77 // handle and PID just as if CreateProcess() had been called. The caller is 76 // handle and PID just as if CreateProcess() had been called. The caller is
78 // responsible for closing the handles returned in this structure. 77 // responsible for closing the handles returned in this structure.
79 // Returns: 78 // Returns:
80 // ALL_OK if successful. All other return values imply failure. 79 // ALL_OK if successful. All other return values imply failure.
81 virtual ResultCode SpawnTarget(const wchar_t* exe_path, 80 virtual ResultCode SpawnTarget(const wchar_t* exe_path,
82 const wchar_t* command_line, 81 const wchar_t* command_line,
83 scoped_refptr<TargetPolicy> policy, 82 TargetPolicy* policy,
84 ResultCode* last_warning, 83 ResultCode* last_warning,
85 DWORD* last_error, 84 DWORD* last_error,
86 PROCESS_INFORMATION* target) = 0; 85 PROCESS_INFORMATION* target) = 0;
87 86
88 // This call blocks (waits) for all the targets to terminate. 87 // This call blocks (waits) for all the targets to terminate.
89 // Returns: 88 // Returns:
90 // ALL_OK if successful. All other return values imply failure. 89 // ALL_OK if successful. All other return values imply failure.
91 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get 90 // If the return is ERROR_GENERIC, you can call ::GetLastError() to get
92 // more information. 91 // more information.
93 virtual ResultCode WaitForAllTargets() = 0; 92 virtual ResultCode WaitForAllTargets() = 0;
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
132 // Returns the ProcessState object. Through that object it's possible to have 131 // Returns the ProcessState object. Through that object it's possible to have
133 // information about the current state of the process, such as whether 132 // information about the current state of the process, such as whether
134 // LowerToken has been called or not. 133 // LowerToken has been called or not.
135 virtual ProcessState* GetState() = 0; 134 virtual ProcessState* GetState() = 0;
136 }; 135 };
137 136
138 } // namespace sandbox 137 } // namespace sandbox
139 138
140 139
141 #endif // SANDBOX_WIN_SRC_SANDBOX_H_ 140 #endif // SANDBOX_WIN_SRC_SANDBOX_H_
OLDNEW
« no previous file with comments | « sandbox/win/src/policy_target_test.cc ('k') | sandbox/win/tests/common/controller.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698