OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <aclapi.h> | 5 #include <aclapi.h> |
6 #include <sddl.h> | 6 #include <sddl.h> |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "sandbox/win/src/restricted_token_utils.h" | 9 #include "sandbox/win/src/restricted_token_utils.h" |
10 | 10 |
335 HANDLE token_handle; | 335 HANDLE token_handle; |
336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, | 336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, |
337 &token_handle)) | 337 &token_handle)) |
338 return ::GetLastError(); | 338 return ::GetLastError(); |
339 | 339 |
340 base::win::ScopedHandle token(token_handle); | 340 base::win::ScopedHandle token(token_handle); |
341 | 341 |
342 return SetTokenIntegrityLevel(token.Get(), integrity_level); | 342 return SetTokenIntegrityLevel(token.Get(), integrity_level); |
343 } | 343 } |
344 | 344 |
345 DWORD HardenTokenIntegrityLevelPolicy(HANDLE token) { | |
346 if (base::win::GetVersion() < base::win::VERSION_VISTA) | |
cpu_(ooo_6.6-7.5)
2014/12/18 21:05:36
seven
forshaw
2014/12/19 08:30:00
Done.
| |
347 return ERROR_SUCCESS; | |
348 | |
349 DWORD last_error = 0; | |
350 DWORD length_needed = 0; | |
351 | |
352 GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, | |
353 NULL, 0, &length_needed); | |
354 | |
355 last_error = ::GetLastError(); | |
cpu_(ooo_6.6-7.5)
2014/12/18 21:05:36
Mixing :: style for calling windows apis. Looks at
forshaw
2014/12/19 08:30:00
Done.
| |
356 if (last_error != ERROR_INSUFFICIENT_BUFFER) | |
357 return last_error; | |
358 | |
359 std::vector<char> security_desc_buffer(length_needed); | |
360 PSECURITY_DESCRIPTOR security_desc = | |
361 reinterpret_cast<PSECURITY_DESCRIPTOR>(&security_desc_buffer[0]); | |
362 | |
363 if (!GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, | |
364 security_desc, length_needed, | |
365 &length_needed)) | |
366 return ::GetLastError(); | |
367 | |
368 PACL sacl = NULL; | |
369 BOOL sacl_present = FALSE; | |
370 BOOL sacl_defaulted = FALSE; | |
371 | |
372 if (!GetSecurityDescriptorSacl(security_desc, &sacl_present, | |
373 &sacl, &sacl_defaulted)) | |
374 return ::GetLastError(); | |
375 | |
376 for (DWORD ace_index = 0; ace_index < sacl->AceCount; ++ace_index) { | |
377 PSYSTEM_MANDATORY_LABEL_ACE ace; | |
378 | |
379 if (GetAce(sacl, ace_index, reinterpret_cast<LPVOID*>(&ace)) | |
380 && ace->Header.AceType == SYSTEM_MANDATORY_LABEL_ACE_TYPE) | |
381 { | |
cpu_(ooo_6.6-7.5)
2014/12/18 21:05:36
381 bracket in the previous line?
forshaw
2014/12/19 08:30:00
Done.
| |
382 ace->Mask |= SYSTEM_MANDATORY_LABEL_NO_READ_UP | |
383 | SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP; | |
384 break; | |
385 } | |
386 } | |
387 | |
388 if (!SetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, | |
389 security_desc)) | |
390 return ::GetLastError(); | |
391 | |
392 return ERROR_SUCCESS; | |
393 } | |
394 | |
395 DWORD HardenProcessIntegrityLevelPolicy() { | |
396 if (base::win::GetVersion() < base::win::VERSION_VISTA) | |
397 return ERROR_SUCCESS; | |
398 | |
399 HANDLE token_handle; | |
400 if (!::OpenProcessToken(GetCurrentProcess(), READ_CONTROL | WRITE_OWNER, | |
401 &token_handle)) | |
402 return ::GetLastError(); | |
403 | |
404 base::win::ScopedHandle token(token_handle); | |
cpu_(ooo_6.6-7.5)
2014/12/18 21:05:36
isn't there a base/ helper for doing 399 to 404 ?
forshaw
2014/12/19 08:30:00
Not that I could see in code search. The only user
| |
405 | |
406 return HardenTokenIntegrityLevelPolicy(token.Get()); | |
407 } | |
408 | |
345 } // namespace sandbox | 409 } // namespace sandbox |
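Review bot: In HardenTokenIntegrityLevelPolicy (new lines 372–376) the loop reads `sacl->AceCount` without checking `sacl_present` or `sacl`, so if the descriptor comes back without a label SACL the pointer keeps its NULL initial value and is dereferenced. A guard before the loop would cover it, for example `if (!sacl_present || !sacl) return ERROR_INVALID_SECURITY_DESCR;`. The function also returns ERROR_SUCCESS when no SYSTEM_MANDATORY_LABEL_ACE_TYPE entry is found or GetAce fails, so a caller cannot tell that NO_READ_UP / NO_EXECUTE_UP were never set. For a sandbox hardening step it seems safer to record whether an ACE was modified and return an error such as `ERROR_NOT_FOUND` when none was. A one-line comment above the function on the token access it expects (HardenProcessIntegrityLevelPolicy opens it with `READ_CONTROL | WRITE_OWNER`, presumably the minimum needed) would help other callers.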