
Side by Side Diff: sandbox/win/src/sandbox_policy_base.cc

Issue 534413002: Use SetAlternateDesktop(false) for service process. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Wed Sep 3 17:28:49 PDT 2014 Created 6 years, 3 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/sandbox_policy_base.h" 5 #include "sandbox/win/src/sandbox_policy_base.h"
6 6
7 #include <sddl.h> 7 #include <sddl.h>
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "base/callback.h" 10 #include "base/callback.h"
(...skipping 510 matching lines...) Expand 10 before | Expand all | Expand 10 after
521 // with the process and therefore with any thread that is not impersonating. 521 // with the process and therefore with any thread that is not impersonating.
522 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_, 522 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_,
523 integrity_level_, PRIMARY); 523 integrity_level_, PRIMARY);
524 if (ERROR_SUCCESS != result) 524 if (ERROR_SUCCESS != result)
525 return SBOX_ERROR_GENERIC; 525 return SBOX_ERROR_GENERIC;
526 526
527 // If we're launching on the alternate desktop we need to make sure the 527 // If we're launching on the alternate desktop we need to make sure the
528 // integrity label on the object is no higher than the sandboxed process's 528 // integrity label on the object is no higher than the sandboxed process's
529 // integrity level. So, we lower the label on the desktop process if it's 529 // integrity level. So, we lower the label on the desktop process if it's
530 // not already low enough for our process. 530 // not already low enough for our process.
531 if (use_alternate_desktop_ && 531 if (use_alternate_desktop_ && alternate_desktop_handle_ &&
Vitaly Buka (NO REVIEWS) 2014/09/04 00:37:06 this use-case seems should be supported, check com
532 integrity_level_ != INTEGRITY_LEVEL_LAST && 532 integrity_level_ != INTEGRITY_LEVEL_LAST &&
533 alternate_desktop_integrity_level_label_ < integrity_level_ && 533 alternate_desktop_integrity_level_label_ < integrity_level_ &&
534 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) { 534 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) {
535 // Integrity label enum is reversed (higher level is a lower value). 535 // Integrity label enum is reversed (higher level is a lower value).
536 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED, 536 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED,
537 "Integrity level ordering reversed."); 537 "Integrity level ordering reversed.");
538 result = SetObjectIntegrityLabel(alternate_desktop_handle_, 538 result = SetObjectIntegrityLabel(alternate_desktop_handle_,
539 SE_WINDOW_OBJECT, 539 SE_WINDOW_OBJECT,
540 L"", 540 L"",
541 GetIntegrityLevelString(integrity_level_)); 541 GetIntegrityLevelString(integrity_level_));
(...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after
729 729
730 // Finally, setup imports on the target so the interceptions can work. 730 // Finally, setup imports on the target so the interceptions can work.
731 return SetupNtdllImports(target); 731 return SetupNtdllImports(target);
732 } 732 }
733 733
734 bool PolicyBase::SetupHandleCloser(TargetProcess* target) { 734 bool PolicyBase::SetupHandleCloser(TargetProcess* target) {
735 return handle_closer_.InitializeTargetHandles(target); 735 return handle_closer_.InitializeTargetHandles(target);
736 } 736 }
737 737
738 } // namespace sandbox 738 } // namespace sandbox
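Review bot: The added `alternate_desktop_handle_ &&` test on new line 531 turns the integrity-label lowering into a silent no-op whenever the policy requests an alternate desktop but holds no desktop handle, and nothing in the visible lines says whether that state is expected or a setup failure. If it can only arise from a failed desktop creation, the launch should fail closed before this point, e.g. `if (use_alternate_desktop_ && !alternate_desktop_handle_) return SBOX_ERROR_GENERIC;`, so the target is not started on a desktop the policy did not intend. If a null handle is a legitimate configuration, the block comment at lines 527-530 should say so, for example `// A null handle means no separate desktop object was created, so there is no label to lower.` The enclosing function begins and ends outside the lines shown here, so how the handle is populated and how `result` is checked after `SetObjectIntegrityLabel` could not be verified from this page.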