Index: sandbox/win/tools/finder/finder.h |
diff --git a/sandbox/win/tools/finder/finder.h b/sandbox/win/tools/finder/finder.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..503447d06f5d5b701f19f049903fb477476bea70 |
--- /dev/null |
+++ b/sandbox/win/tools/finder/finder.h |
@@ -0,0 +1,144 @@ |
+// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef SANDBOX_TOOLS_FINDER_FINDER_H_ |
+#define SANDBOX_TOOLS_FINDER_FINDER_H_ |
+ |
+#include "base/win/scoped_handle.h" |
+#include "sandbox/win/src/restricted_token_utils.h" |
+#include "sandbox/win/tools/finder/ntundoc.h" |
+ |
+// Type of stats that we calculate during the Scan operation |
+enum Stats { |
+ READ = 0, // Number of objects with read access |
+ WRITE, // Number of objects with write access |
+ ALL, // Number of objects with r/w access |
+ PARSE, // Number of objects parsed |
+ BROKEN, // Number of errors while parsing the objects |
+ SIZE_STATS // size of the enum |
+}; |
+ |
+const int kScanRegistry = 0x01; |
+const int kScanFileSystem = 0x02; |
+const int kScanKernelObjects = 0x04; |
+ |
+const int kTestForRead = 0x01; |
+const int kTestForWrite = 0x02; |
+const int kTestForAll = 0x04; |
+ |
+#define FS_ERR L"FILE-ERROR" |
+#define OBJ_ERR L"OBJ-ERROR" |
+#define REG_ERR L"REG_ERROR" |
+#define OBJ L"OBJ" |
+#define FS L"FILE" |
+#define REG L"REG" |
+ |
+// The impersonater class will impersonate a token when the object is created |
+// and revert when the object is going out of scope. |
+class Impersonater { |
+ public: |
+ Impersonater(HANDLE token_handle) { |
+ if (token_handle) |
+ ::ImpersonateLoggedOnUser(token_handle); |
+ }; |
+ ~Impersonater() { |
+ ::RevertToSelf(); |
+ }; |
+}; |
+ |
+// The finder class handles the search of objects (file system, registry, kernel |
+// objects) on the system that can be opened by a restricted token. It can |
+// support multiple levels of restriction for the restricted token and can check |
+// for read, write or r/w access. It outputs the results to a file or stdout. |
+class Finder { |
+ public: |
+ Finder(); |
+ ~Finder(); |
+ DWORD Init(sandbox::TokenLevel token_type, DWORD object_type, |
+ DWORD access_type, FILE *file_output); |
+ DWORD Scan(); |
+ |
+ private: |
+ // Parses a file system path and perform an access check on all files and |
+ // folder found. |
+ // Returns ERROR_SUCCESS if the function succeeded, otherwise, it returns the |
+ // win32 error code associated with the error. |
+ DWORD ParseFileSystem(ATL::CString path); |
+ |
+ // Parses a registry hive referenced by "key" and performs an access check on |
+ // all subkeys found. |
+ // Returns ERROR_SUCCESS if the function succeeded, otherwise, it returns the |
+ // win32 error code associated with the error. |
+ DWORD ParseRegistry(HKEY key, ATL::CString print_name); |
+ |
+ // Parses the kernel namespace beginning at "path" and performs an access |
+ // check on all objects found. However, only some object types are supported, |
+ // all non supported objects are ignored. |
+ // Returns ERROR_SUCCESS if the function succeeded, otherwise, it returns the |
+ // win32 error code associated with the error. |
+ DWORD ParseKernelObjects(ATL::CString path); |
+ |
+ // Checks if "path" can be accessed with the restricted token. |
+ // Returns the access granted. |
+ DWORD TestFileAccess(ATL::CString path); |
+ |
+ // Checks if the registry key with the path key\name can be accessed with the |
+ // restricted token. |
+ // print_name is only use for logging purpose. |
+ // Returns the access granted. |
+ DWORD TestRegAccess(HKEY key, ATL::CString name, ATL::CString print_name); |
+ |
+ // Checks if the kernel object "path" of type "type" can be accessed with |
+ // the restricted token. |
+ // Returns the access granted. |
+ DWORD TestKernelObjectAccess(ATL::CString path, ATL::CString type); |
+ |
+ // Outputs information to the logfile |
+ void Output(ATL::CString type, ATL::CString access, ATL::CString info) { |
+ fprintf(file_output_, "\n%S;%S;%S", type.GetBuffer(), access.GetBuffer(), |
+ info.GetBuffer()); |
+ }; |
+ |
+ // Output information to the log file. |
+ void Output(ATL::CString type, DWORD error, ATL::CString info) { |
+ fprintf(file_output_, "\n%S;0x%X;%S", type.GetBuffer(), error, |
+ info.GetBuffer()); |
+ }; |
+ |
+ // Set func_to_call to the function pointer of the function used to handle |
+ // requests for the kernel objects of type "type". If the type is not |
+ // supported at the moment the function returns false and the func_to_call |
+ // parameter is not modified. |
+ bool GetFunctionForType(ATL::CString type, NTGENERICOPEN * func_to_call); |
+ |
+ // Initializes the NT function pointers to be able to use all the needed |
+ // functions in NTDDL. |
+ // Returns ERROR_SUCCESS if the function succeeded, otherwise, it returns the |
+ // win32 error code associated with the error. |
+ DWORD InitNT(); |
+ |
+ // Calls func_to_call with the parameters desired_access, object_attributes |
+ // and handle. func_to_call is a pointer to a function to open a kernel |
+ // object. |
+ NTSTATUS NtGenericOpen(ACCESS_MASK desired_access, |
+ OBJECT_ATTRIBUTES *object_attributes, |
+ NTGENERICOPEN func_to_call, |
+ HANDLE *handle); |
+ |
+ // Type of object to check for. |
+ DWORD object_type_; |
+ // Access to try. |
+ DWORD access_type_; |
+ // Output file for the results. |
+ FILE * file_output_; |
+ // Handle to the restricted token. |
+ base::win::ScopedHandle token_handle_; |
+ // Stats containing the number of operations performed on the different |
+ // objects. |
+ int filesystem_stats_[SIZE_STATS]; |
+ int registry_stats_[SIZE_STATS]; |
+ int kernel_object_stats_[SIZE_STATS]; |
+}; |
+ |
+#endif // SANDBOX_TOOLS_FINDER_FINDER_H_ |
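Review bot: The `Impersonater` constructor discards the return value of `::ImpersonateLoggedOnUser`, so if impersonation fails the `Test*Access` calls run under the tool's own (unrestricted) token and every object gets reported as accessible to the restricted token, which is the opposite of what this tool exists to find; the destructor also calls `::RevertToSelf` even when no impersonation happened. Record whether impersonation actually took effect, expose it so the scan code can refuse to continue, and only revert when it did; marking the single-argument constructor `explicit` and deleting copy operations also prevents a copy from reverting the thread context early. Whether the callers in finder.cc check this is not visible in this hunk. Separately, the two `Output` overloads should read the `CString` parameters with `GetString()` rather than `GetBuffer()`, which is the mutable-access call and should be paired with `ReleaseBuffer()`.
```cpp
// Impersonates `token_handle` for the lifetime of the object and reverts on
// destruction. Check succeeded() before relying on the access checks made
// while this object is alive: if impersonation failed, those checks run
// under the caller's own token.
class Impersonater {
 public:
  explicit Impersonater(HANDLE token_handle)
      : impersonating_(token_handle &&
                       ::ImpersonateLoggedOnUser(token_handle) != FALSE) {}
  ~Impersonater() {
    if (impersonating_)
      ::RevertToSelf();
  }
  Impersonater(const Impersonater&) = delete;
  Impersonater& operator=(const Impersonater&) = delete;

  bool succeeded() const { return impersonating_; }

 private:
  bool impersonating_;
};
```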