OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <windows.h> | 5 #include <windows.h> |
6 #include <sddl.h> | 6 #include <sddl.h> |
7 | 7 |
8 #include <memory> | 8 #include <memory> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
192 | 192 |
193 win::ScopedHandle communication_pipe = | 193 win::ScopedHandle communication_pipe = |
194 CreateCommunicationPipe(communication_pipe_name); | 194 CreateCommunicationPipe(communication_pipe_name); |
195 ASSERT_TRUE(communication_pipe.Get()); | 195 ASSERT_TRUE(communication_pipe.Get()); |
196 | 196 |
197 win::ScopedHandle lowered_process_token = CreateLowIntegritySID(); | 197 win::ScopedHandle lowered_process_token = CreateLowIntegritySID(); |
198 ASSERT_TRUE(lowered_process_token.Get()); | 198 ASSERT_TRUE(lowered_process_token.Get()); |
199 | 199 |
200 base::LaunchOptions options; | 200 base::LaunchOptions options; |
201 options.as_user = lowered_process_token.Get(); | 201 options.as_user = lowered_process_token.Get(); |
202 base::Process process = SpawnChildWithOptions("LowerPermissions", options); | 202 |
203 ASSERT_TRUE(process.IsValid()); | 203 base::SpawnChildResult spawn_child = |
| 204 SpawnChildWithOptions("LowerPermissions", options); |
| 205 ASSERT_TRUE(spawn_child.process.IsValid()); |
204 | 206 |
205 SharedMemory memory; | 207 SharedMemory memory; |
206 memory.CreateAndMapAnonymous(1001); | 208 memory.CreateAndMapAnonymous(1001); |
207 | 209 |
208 // Duplicate into child process, giving only FILE_MAP_READ permissions. | 210 // Duplicate into child process, giving only FILE_MAP_READ permissions. |
209 HANDLE raw_handle = nullptr; | 211 HANDLE raw_handle = nullptr; |
210 ::DuplicateHandle(::GetCurrentProcess(), memory.handle().GetHandle(), | 212 ::DuplicateHandle(::GetCurrentProcess(), memory.handle().GetHandle(), |
211 process.Handle(), &raw_handle, | 213 spawn_child.process.Handle(), &raw_handle, |
212 FILE_MAP_READ | SECTION_QUERY, FALSE, 0); | 214 FILE_MAP_READ | SECTION_QUERY, FALSE, 0); |
213 ASSERT_TRUE(raw_handle); | 215 ASSERT_TRUE(raw_handle); |
214 | 216 |
215 WriteHandleToPipe(communication_pipe.Get(), raw_handle); | 217 WriteHandleToPipe(communication_pipe.Get(), raw_handle); |
216 | 218 |
217 int exit_code; | 219 int exit_code; |
218 EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(), | 220 EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout( |
219 &exit_code)); | 221 TestTimeouts::action_max_timeout(), &exit_code)); |
220 EXPECT_EQ(0, exit_code); | 222 EXPECT_EQ(0, exit_code); |
221 } | 223 } |
222 | 224 |
223 } // namespace | 225 } // namespace |
224 } // namespace base | 226 } // namespace base |
OLD | NEW |