OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/sandbox_policy_base.h" | 5 #include "sandbox/win/src/sandbox_policy_base.h" |
6 | 6 |
7 #include <sddl.h> | 7 #include <sddl.h> |
8 | 8 |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
452 // with the process and therefore with any thread that is not impersonating. | 452 // with the process and therefore with any thread that is not impersonating. |
453 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_, | 453 DWORD result = CreateRestrictedToken(lockdown, lockdown_level_, |
454 integrity_level_, PRIMARY); | 454 integrity_level_, PRIMARY); |
455 if (ERROR_SUCCESS != result) | 455 if (ERROR_SUCCESS != result) |
456 return SBOX_ERROR_GENERIC; | 456 return SBOX_ERROR_GENERIC; |
457 | 457 |
458 // If we're launching on the alternate desktop we need to make sure the | 458 // If we're launching on the alternate desktop we need to make sure the |
459 // integrity label on the object is no higher than the sandboxed process's | 459 // integrity label on the object is no higher than the sandboxed process's |
460 // integrity level. So, we lower the label on the desktop process if it's | 460 // integrity level. So, we lower the label on the desktop process if it's |
461 // not already low enough for our process. | 461 // not already low enough for our process. |
462 if (use_alternate_desktop_ && | 462 if (alternate_desktop_handle_ && use_alternate_desktop_ && |
463 integrity_level_ != INTEGRITY_LEVEL_LAST && | 463 integrity_level_ != INTEGRITY_LEVEL_LAST && |
464 alternate_desktop_integrity_level_label_ < integrity_level_ && | 464 alternate_desktop_integrity_level_label_ < integrity_level_ && |
465 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) { | 465 base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_VISTA) { |
466 // Integrity label enum is reversed (higher level is a lower value). | 466 // Integrity label enum is reversed (higher level is a lower value). |
467 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED, | 467 static_assert(INTEGRITY_LEVEL_SYSTEM < INTEGRITY_LEVEL_UNTRUSTED, |
468 "Integrity level ordering reversed."); | 468 "Integrity level ordering reversed."); |
469 result = SetObjectIntegrityLabel(alternate_desktop_handle_, | 469 result = SetObjectIntegrityLabel(alternate_desktop_handle_, |
470 SE_WINDOW_OBJECT, | 470 SE_WINDOW_OBJECT, |
471 L"", | 471 L"", |
472 GetIntegrityLevelString(integrity_level_)); | 472 GetIntegrityLevelString(integrity_level_)); |
740 break; | 740 break; |
741 } | 741 } |
742 | 742 |
743 default: { return SBOX_ERROR_UNSUPPORTED; } | 743 default: { return SBOX_ERROR_UNSUPPORTED; } |
744 } | 744 } |
745 | 745 |
746 return SBOX_ALL_OK; | 746 return SBOX_ALL_OK; |
747 } | 747 } |
748 | 748 |
749 } // namespace sandbox | 749 } // namespace sandbox |
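Review bot: With the added `alternate_desktop_handle_ &&` test on new line 462, a policy that has `use_alternate_desktop_` set but holds a null desktop handle now skips the integrity-label adjustment silently and carries on, while the comment above the condition still describes only the case where the label is lowered. If a null handle at this point can mean the alternate desktop was never created or its creation failed, failing closed is the safer behaviour for a sandbox policy: `if (use_alternate_desktop_ && !alternate_desktop_handle_) return SBOX_ERROR_GENERIC;` ahead of the condition. If null is an expected state, the comment should say so, for example `// No alternate desktop handle: nothing to relabel.` The enclosing function starts and ends outside the visible lines, so how `result` from `SetObjectIntegrityLabel` is handled after the call cannot be checked from this page.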