
Side by Side Diff: remoting/host/win/unprivileged_process_delegate.cc

Issue 71013004: Base: Remove Receive() from ScopedHandle. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix delegate_execute for google_chrome_build Created 7 years ago
1 1
2 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
3 // Use of this source code is governed by a BSD-style license that can be 3 // Use of this source code is governed by a BSD-style license that can be
4 // found in the LICENSE file. 4 // found in the LICENSE file.
5 // 5 //
6 // This file implements the Windows service controlling Me2Me host processes 6 // This file implements the Windows service controlling Me2Me host processes
7 // running within user sessions. 7 // running within user sessions.
8 8
9 #include "remoting/host/win/unprivileged_process_delegate.h" 9 #include "remoting/host/win/unprivileged_process_delegate.h"
10 10
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
67 // Security descriptor of the worker process threads. It gives access SYSTEM 67 // Security descriptor of the worker process threads. It gives access SYSTEM
68 // full access to the threads. It gives READ_CONTROL, SYNCHRONIZE, 68 // full access to the threads. It gives READ_CONTROL, SYNCHRONIZE,
69 // THREAD_QUERY_INFORMATION and THREAD_TERMINATE rights to the built-in 69 // THREAD_QUERY_INFORMATION and THREAD_TERMINATE rights to the built-in
70 // administrators group. 70 // administrators group.
71 const char kWorkerThreadSd[] = "O:SYG:SYD:(A;;GA;;;SY)(A;;0x120801;;;BA)"; 71 const char kWorkerThreadSd[] = "O:SYG:SYD:(A;;GA;;;SY)(A;;0x120801;;;BA)";
72 72
73 // Creates a token with limited access that will be used to run the worker 73 // Creates a token with limited access that will be used to run the worker
74 // process. 74 // process.
75 bool CreateRestrictedToken(ScopedHandle* token_out) { 75 bool CreateRestrictedToken(ScopedHandle* token_out) {
76 // Create a token representing LocalService account. 76 // Create a token representing LocalService account.
77 ScopedHandle token; 77 HANDLE temp_handle;
78 if (!LogonUser(L"LocalService", L"NT AUTHORITY", NULL, LOGON32_LOGON_SERVICE, 78 if (!LogonUser(L"LocalService", L"NT AUTHORITY", NULL, LOGON32_LOGON_SERVICE,
79 LOGON32_PROVIDER_DEFAULT, token.Receive())) { 79 LOGON32_PROVIDER_DEFAULT, &temp_handle)) {
80 return false; 80 return false;
81 } 81 }
82 ScopedHandle token(temp_handle);
82 83
83 sandbox::RestrictedToken restricted_token; 84 sandbox::RestrictedToken restricted_token;
84 if (restricted_token.Init(token) != ERROR_SUCCESS) 85 if (restricted_token.Init(token) != ERROR_SUCCESS)
85 return false; 86 return false;
86 87
87 // Remove all privileges in the token. 88 // Remove all privileges in the token.
88 if (restricted_token.DeleteAllPrivileges(NULL) != ERROR_SUCCESS) 89 if (restricted_token.DeleteAllPrivileges(NULL) != ERROR_SUCCESS)
89 return false; 90 return false;
90 91
91 // Set low integrity level if supported by the OS. 92 // Set low integrity level if supported by the OS.
92 if (base::win::GetVersion() >= base::win::VERSION_VISTA) { 93 if (base::win::GetVersion() >= base::win::VERSION_VISTA) {
93 if (restricted_token.SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW) 94 if (restricted_token.SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW)
94 != ERROR_SUCCESS) { 95 != ERROR_SUCCESS) {
95 return false; 96 return false;
96 } 97 }
97 } 98 }
98 99
99 // Return the resulting token. 100 // Return the resulting token.
100 return restricted_token.GetRestrictedTokenHandle(token_out->Receive()) == 101 if (restricted_token.GetRestrictedTokenHandle(&temp_handle) ==
101 ERROR_SUCCESS; 102 ERROR_SUCCESS) {
103 token_out->Set(temp_handle);
104 return true;
105 }
106 return false;
102 } 107 }
103 108
104 // Creates a window station with a given name and the default desktop giving 109 // Creates a window station with a given name and the default desktop giving
105 // the complete access to |logon_sid|. 110 // the complete access to |logon_sid|.
106 bool CreateWindowStationAndDesktop(ScopedSid logon_sid, 111 bool CreateWindowStationAndDesktop(ScopedSid logon_sid,
107 WindowStationAndDesktop* handles_out) { 112 WindowStationAndDesktop* handles_out) {
108 // Convert the logon SID into a string. 113 // Convert the logon SID into a string.
109 std::string logon_sid_string = ConvertSidToString(logon_sid.get()); 114 std::string logon_sid_string = ConvertSidToString(logon_sid.get());
110 if (logon_sid_string.empty()) { 115 if (logon_sid_string.empty()) {
111 LOG_GETLASTERROR(ERROR) << "Failed to convert a SID to string"; 116 LOG_GETLASTERROR(ERROR) << "Failed to convert a SID to string";
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after
266 thread_attributes.lpSecurityDescriptor = thread_sd.get(); 271 thread_attributes.lpSecurityDescriptor = thread_sd.get();
267 thread_attributes.bInheritHandle = FALSE; 272 thread_attributes.bInheritHandle = FALSE;
268 273
269 ScopedHandle worker_process; 274 ScopedHandle worker_process;
270 { 275 {
271 // Take a lock why any inheritable handles are open to make sure that only 276 // Take a lock why any inheritable handles are open to make sure that only
272 // one process inherits them. 277 // one process inherits them.
273 base::AutoLock lock(g_inherit_handles_lock.Get()); 278 base::AutoLock lock(g_inherit_handles_lock.Get());
274 279
275 // Create a connected IPC channel. 280 // Create a connected IPC channel.
276 ScopedHandle client; 281 HANDLE temp_handle;
277 if (!CreateConnectedIpcChannel(io_task_runner_, this, client.Receive(), 282 if (!CreateConnectedIpcChannel(io_task_runner_, this, &temp_handle,
278 &server)) { 283 &server)) {
279 ReportFatalError(); 284 ReportFatalError();
280 return; 285 return;
281 } 286 }
287 ScopedHandle client(temp_handle);
282 288
283 // Convert the handle value into a decimal integer. Handle values are 32bit 289 // Convert the handle value into a decimal integer. Handle values are 32bit
284 // even on 64bit platforms. 290 // even on 64bit platforms.
285 std::string pipe_handle = base::StringPrintf( 291 std::string pipe_handle = base::StringPrintf(
286 "%d", reinterpret_cast<ULONG_PTR>(client.Get())); 292 "%d", reinterpret_cast<ULONG_PTR>(client.Get()));
287 293
288 // Pass the IPC channel via the command line. 294 // Pass the IPC channel via the command line.
289 CommandLine command_line(target_command_->argv()); 295 CommandLine command_line(target_command_->argv());
290 command_line.AppendSwitchASCII(kDaemonPipeSwitchName, pipe_handle); 296 command_line.AppendSwitchASCII(kDaemonPipeSwitchName, pipe_handle);
291 297
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after
390 base::win::ScopedHandle worker_process) { 396 base::win::ScopedHandle worker_process) {
391 DCHECK(CalledOnValidThread()); 397 DCHECK(CalledOnValidThread());
392 DCHECK(!worker_process_.IsValid()); 398 DCHECK(!worker_process_.IsValid());
393 399
394 worker_process_ = worker_process.Pass(); 400 worker_process_ = worker_process.Pass();
395 401
396 // Report a handle that can be used to wait for the worker process completion, 402 // Report a handle that can be used to wait for the worker process completion,
397 // query information about the process and duplicate handles. 403 // query information about the process and duplicate handles.
398 DWORD desired_access = 404 DWORD desired_access =
399 SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION; 405 SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION;
400 ScopedHandle limited_handle; 406 HANDLE temp_handle;
401 if (!DuplicateHandle(GetCurrentProcess(), 407 if (!DuplicateHandle(GetCurrentProcess(),
402 worker_process_, 408 worker_process_,
403 GetCurrentProcess(), 409 GetCurrentProcess(),
404 limited_handle.Receive(), 410 &temp_handle,
405 desired_access, 411 desired_access,
406 FALSE, 412 FALSE,
407 0)) { 413 0)) {
408 LOG_GETLASTERROR(ERROR) << "Failed to duplicate a handle"; 414 LOG_GETLASTERROR(ERROR) << "Failed to duplicate a handle";
409 ReportFatalError(); 415 ReportFatalError();
410 return; 416 return;
411 } 417 }
418 ScopedHandle limited_handle(temp_handle);
412 419
413 event_handler_->OnProcessLaunched(limited_handle.Pass()); 420 event_handler_->OnProcessLaunched(limited_handle.Pass());
414 } 421 }
415 422
416 } // namespace remoting 423 } // namespace remoting
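Review bot: In the IPC-channel block, `temp_handle` stays a raw, uninitialized `HANDLE` until `ScopedHandle client(temp_handle);` runs after the success check, so the early `return` following `ReportFatalError()` no longer closes anything the callee may have stored; with the old `client.Receive()` the scoped object owned the value on every path. Whether `CreateConnectedIpcChannel` can write its out-parameter and then fail is not visible here, but the comment above says inheritable handles are open under this lock, so a handle leaked on that path could presumably be inherited by a later child process. Consider declaring `HANDLE temp_handle = NULL;` and wrapping it in the `ScopedHandle` before testing the result, or adding a comment that the callee leaves the out-parameter untouched on failure. The same raw-handle pattern is used around `LogonUser` in `CreateRestrictedToken`, where the one `temp_handle` is then reused for the restricted token and a second, separately named local would read more clearly, and around `DuplicateHandle`. The last two functions begin outside the visible lines.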