| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/sandbox_policy_base.h" | 5 #include "sandbox/win/src/sandbox_policy_base.h" |
| 6 | 6 |
| 7 #include <sddl.h> | 7 #include <sddl.h> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| 452 // with the process and therefore with any thread that is not impersonating. | 452 // with the process and therefore with any thread that is not impersonating. |
| 453 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_, | 453 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_, |
| 454 integrity_level_, PRIMARY); | 454 integrity_level_, PRIMARY); |
| 455 if (ERROR_SUCCESS != result) | 455 if (ERROR_SUCCESS != result) |
| 456 return SBOX_ERROR_GENERIC; | 456 return SBOX_ERROR_GENERIC; |
| 457 | 457 |
| 458 // If we're launching on the alternate desktop we need to make sure the | 458 // If we're launching on the alternate desktop we need to make sure the |
| 459 // integrity label on the object is no higher than the sandboxed process's | 459 // integrity label on the object is no higher than the sandboxed process's |
| 460 // integrity level. So, we lower the label on the desktop process if it's | 460 // integrity level. So, we lower the label on the desktop process if it's |
| 461 // not already low enough for our process. | 461 // not already low enough for our process. |
| 462 if (use_alternate_desktop_ && | 462 if (alternate_desktop_handle_ && use_alternate_desktop_ && |
| 463 integrity_level_ != INTEGRITY_LEVEL_LAST && | 463 integrity_level_ != INTEGRITY_LEVEL_LAST && |
| 464 alternate_desktop_integrity_level_label_ < integrity_level_ && | 464 alternate_desktop_integrity_level_label_ < integrity_level_ && |
| 465 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) { | 465 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) { |
| 466 // Integrity label enum is reversed (higher level is a lower value). | 466 // Integrity label enum is reversed (higher level is a lower value). |
| 467 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED, | 467 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED, |
| 468 "Integrity level ordering reversed."); | 468 "Integrity level ordering reversed."); |
| 469 result = SetObjectIntegrityLabel(alternate_desktop_handle_, | 469 result = SetObjectIntegrityLabel(alternate_desktop_handle_, |
| 470 SE_WINDOW_OBJECT, | 470 SE_WINDOW_OBJECT, |
| 471 L"", | 471 L"", |
| 472 GetIntegrityLevelString(integrity_level_)); | 472 GetIntegrityLevelString(integrity_level_)); |
| 740 break; | 740 break; |
| 741 } | 741 } |
| 742 | 742 |
| 743 default: { return SBOX_ERROR_UNSUPPORTED; } | 743 default: { return SBOX_ERROR_UNSUPPORTED; } |
| 744 } | 744 } |
| 745 | 745 |
| 746 return SBOX_ALL_OK; | 746 return SBOX_ALL_OK; |
| 747 } | 747 } |
| 748 | 748 |
| 749 } // namespace sandbox | 749 } // namespace sandbox |
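Review bot: The added `alternate_desktop_handle_` test at new line 462 turns the label-lowering step into a silent no-op when `use_alternate_desktop_` is set but no desktop handle exists, and nothing in the visible lines says whether that state is expected or which desktop the target then runs on. If the state is legitimate, the comment block above the condition should say so, for example `// alternate_desktop_handle_ may be null when <case>; there is then no desktop object to relabel.`. If it is not, failing the call with `return SBOX_ERROR_GENERIC;`, as the token-creation path above does, would be safer than continuing with a policy that asked for desktop isolation and did not get it. The enclosing function starts and ends outside the visible lines, so how `result` is handled after `SetObjectIntegrityLabel` cannot be checked here.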