OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <aclapi.h> | 5 #include <aclapi.h> |
6 #include <sddl.h> | 6 #include <sddl.h> |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "sandbox/win/src/restricted_token_utils.h" | 9 #include "sandbox/win/src/restricted_token_utils.h" |
10 | 10 |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
139 | 139 |
140 return err_code; | 140 return err_code; |
141 } | 141 } |
142 | 142 |
143 DWORD StartRestrictedProcessInJob(wchar_t *command_line, | 143 DWORD StartRestrictedProcessInJob(wchar_t *command_line, |
144 TokenLevel primary_level, | 144 TokenLevel primary_level, |
145 TokenLevel impersonation_level, | 145 TokenLevel impersonation_level, |
146 JobLevel job_level, | 146 JobLevel job_level, |
147 HANDLE *const job_handle_ret) { | 147 HANDLE *const job_handle_ret) { |
148 Job job; | 148 Job job; |
149 DWORD err_code = job.Init(job_level, NULL, 0); | 149 DWORD err_code = job.Init(job_level, NULL, 0, 0); |
150 if (ERROR_SUCCESS != err_code) | 150 if (ERROR_SUCCESS != err_code) |
151 return err_code; | 151 return err_code; |
152 | 152 |
153 if (JOB_UNPROTECTED != job_level) { | 153 if (JOB_UNPROTECTED != job_level) { |
154 // Share the Desktop handle to be able to use MessageBox() in the sandboxed | 154 // Share the Desktop handle to be able to use MessageBox() in the sandboxed |
155 // application. | 155 // application. |
156 err_code = job.UserHandleGrantAccess(GetDesktopWindow()); | 156 err_code = job.UserHandleGrantAccess(GetDesktopWindow()); |
157 if (ERROR_SUCCESS != err_code) | 157 if (ERROR_SUCCESS != err_code) |
158 return err_code; | 158 return err_code; |
159 } | 159 } |
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, | 336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, |
337 &token_handle)) | 337 &token_handle)) |
338 return ::GetLastError(); | 338 return ::GetLastError(); |
339 | 339 |
340 base::win::ScopedHandle token(token_handle); | 340 base::win::ScopedHandle token(token_handle); |
341 | 341 |
342 return SetTokenIntegrityLevel(token.Get(), integrity_level); | 342 return SetTokenIntegrityLevel(token.Get(), integrity_level); |
343 } | 343 } |
344 | 344 |
345 } // namespace sandbox | 345 } // namespace sandbox |
OLD | NEW |