Cache sandbox tokens

sandbox/win/src/sandbox_policy.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_H_
 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_H_
 
 #include <string>
 
 #include "base/basictypes.h"
@@ skipping 69 matching lines @@
   //   definition.
   // Return value: SBOX_ALL_OK if the setting succeeds and false otherwise.
   //   Returns false if the lockdown value is more permissive than the initial
   //   value.
   //
   // Important: most of the sandbox-provided security relies on this single
   // setting. The caller should strive to set the lockdown level as restricted
   // as possible.
   virtual ResultCode SetTokenLevel(TokenLevel initial, TokenLevel lockdown) = 0;
 
+  // Returns the initial token level.
+  virtual TokenLevel GetInitialTokenLevel() = 0;
+
+  // Returns the lockdown token level.
+  virtual TokenLevel GetLockdownTokenLevel() = 0;
+
   // Sets the security level of the Job Object to which the target process will
   // belong. This setting is permanent and cannot be changed once the target
   // process is spawned. The job controls the global security settings which
   // can not be specified in the token security profile.
   // job_level: the security level for the job. See the explanation of each
   //   level in the JobLevel definition.
   // ui_exceptions: specify what specific rights that are disabled in the
   //   chosen job_level that need to be granted. Use this parameter to avoid
   //   selecting the next permissive job level unless you need all the rights
   //   that are granted in such level.
@@ skipping 37 matching lines @@
 
   // Destroys the desktop and windows station.
   virtual void DestroyAlternateDesktop() = 0;
 
   // Sets the integrity level of the process in the sandbox. Both the initial
   // token and the main token will be affected by this. If the integrity level
   // is set to a level higher than the current level, the sandbox will fail
   // to start.
   virtual ResultCode SetIntegrityLevel(IntegrityLevel level) = 0;
 
+  // Returns the initial integrity level used.
+  virtual IntegrityLevel GetIntegrityLevel() = 0;
+
   // Sets the integrity level of the process in the sandbox. The integrity level
   // will not take effect before you call LowerToken. User Interface Privilege
   // Isolation is not affected by this setting and will remain off for the
   // process in the sandbox. If the integrity level is set to a level higher
   // than the current level, the sandbox will fail to start.
   virtual ResultCode SetDelayedIntegrityLevel(IntegrityLevel level) = 0;
 
   // Sets the AppContainer to be used for the sandboxed process. Any capability
   // to be enabled for the process should be added before this method is invoked
   // (by calling SetCapability() as many times as needed).
@@ skipping 62 matching lines @@
   // A NULL value for handle_name indicates all handles of the specified type.
   // An empty string for handle_name indicates the handle is unnamed.
   virtual ResultCode AddKernelObjectToClose(const wchar_t* handle_type,
                                             const wchar_t* handle_name) = 0;
 };
 
 }  // namespace sandbox
 
 
 #endif  // SANDBOX_WIN_SRC_SANDBOX_POLICY_H_