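--- a/PATH-NOT-SHOWN-ON-PAGE
+++ b/PATH-NOT-SHOWN-ON-PAGE
@@ -1,61 +0,0 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "sandbox/win/src/restricted_token.h"
-#include "sandbox/win/src/restricted_token_utils.h"
-#include "sandbox/win/tools/finder/finder.h"
-
-Finder::Finder() {
-file_output_ = NULL;
-object_type_ = 0;
-access_type_ = 0;
-memset(filesystem_stats_, 0, sizeof(filesystem_stats_));
-memset(registry_stats_, 0, sizeof(registry_stats_));
-memset(kernel_object_stats_, 0, sizeof(kernel_object_stats_));
-}
-
-Finder::~Finder() {
-}
-
-DWORD Finder::Init(sandbox::TokenLevel token_type,
-DWORD object_type,
-DWORD access_type,
-FILE *file_output) {
-DWORD err_code = ERROR_SUCCESS;
-
-err_code = InitNT();
-if (ERROR_SUCCESS != err_code)
-return err_code;
-
-object_type_ = object_type;
-access_type_ = access_type;
-file_output_ = file_output;
-
-err_code = sandbox::CreateRestrictedToken(token_type,
-sandbox::INTEGRITY_LEVEL_LAST,
-sandbox::PRIMARY, &token_handle_);
-return err_code;
-}
-
-DWORD Finder::Scan() {
-if (!token_handle_.IsValid()) {
-return ERROR_NO_TOKEN;
-}
-
-if (object_type_ & kScanRegistry) {
-ParseRegistry(HKEY_LOCAL_MACHINE, L"HKLM\\");
-ParseRegistry(HKEY_USERS, L"HKU\\");
-ParseRegistry(HKEY_CURRENT_CONFIG, L"HKCC\\");
-}
-
-if (object_type_ & kScanFileSystem) {
-ParseFileSystem(L"\\\\?\\C:");
-}
-
-if (object_type_ & kScanKernelObjects) {
-ParseKernelObjects(L"\\");
-}
-
-return ERROR_SUCCESS;
-}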