| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <aclapi.h> | 5 #include <aclapi.h> |
| 6 #include <sddl.h> | 6 #include <sddl.h> |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "sandbox/win/src/restricted_token_utils.h" | 9 #include "sandbox/win/src/restricted_token_utils.h" |
| 10 | 10 |
| (...skipping 324 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 335 HANDLE token_handle; | 335 HANDLE token_handle; |
| 336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, | 336 if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_DEFAULT, |
| 337 &token_handle)) | 337 &token_handle)) |
| 338 return ::GetLastError(); | 338 return ::GetLastError(); |
| 339 | 339 |
| 340 base::win::ScopedHandle token(token_handle); | 340 base::win::ScopedHandle token(token_handle); |
| 341 | 341 |
| 342 return SetTokenIntegrityLevel(token.Get(), integrity_level); | 342 return SetTokenIntegrityLevel(token.Get(), integrity_level); |
| 343 } | 343 } |
| 344 | 344 |
| 345 DWORD HardenTokenIntegrityLevelPolicy(HANDLE token) { |
| 346 if (base::win::GetVersion() < base::win::VERSION_WIN7) |
| 347 return ERROR_SUCCESS; |
| 348 |
| 349 DWORD last_error = 0; |
| 350 DWORD length_needed = 0; |
| 351 |
| 352 ::GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, |
| 353 NULL, 0, &length_needed); |
| 354 |
| 355 last_error = ::GetLastError(); |
| 356 if (last_error != ERROR_INSUFFICIENT_BUFFER) |
| 357 return last_error; |
| 358 |
| 359 std::vector<char> security_desc_buffer(length_needed); |
| 360 PSECURITY_DESCRIPTOR security_desc = |
| 361 reinterpret_cast<PSECURITY_DESCRIPTOR>(&security_desc_buffer[0]); |
| 362 |
| 363 if (!::GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, |
| 364 security_desc, length_needed, |
| 365 &length_needed)) |
| 366 return ::GetLastError(); |
| 367 |
| 368 PACL sacl = NULL; |
| 369 BOOL sacl_present = FALSE; |
| 370 BOOL sacl_defaulted = FALSE; |
| 371 |
| 372 if (!::GetSecurityDescriptorSacl(security_desc, &sacl_present, |
| 373 &sacl, &sacl_defaulted)) |
| 374 return ::GetLastError(); |
| 375 |
| 376 for (DWORD ace_index = 0; ace_index < sacl->AceCount; ++ace_index) { |
| 377 PSYSTEM_MANDATORY_LABEL_ACE ace; |
| 378 |
| 379 if (::GetAce(sacl, ace_index, reinterpret_cast<LPVOID*>(&ace)) |
| 380 && ace->Header.AceType == SYSTEM_MANDATORY_LABEL_ACE_TYPE) { |
| 381 ace->Mask |= SYSTEM_MANDATORY_LABEL_NO_READ_UP |
| 382 | SYSTEM_MANDATORY_LABEL_NO_EXECUTE_UP; |
| 383 break; |
| 384 } |
| 385 } |
| 386 |
| 387 if (!::SetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, |
| 388 security_desc)) |
| 389 return ::GetLastError(); |
| 390 |
| 391 return ERROR_SUCCESS; |
| 392 } |
| 393 |
| 394 DWORD HardenProcessIntegrityLevelPolicy() { |
| 395 if (base::win::GetVersion() < base::win::VERSION_WIN7) |
| 396 return ERROR_SUCCESS; |
| 397 |
| 398 HANDLE token_handle; |
| 399 if (!::OpenProcessToken(GetCurrentProcess(), READ_CONTROL | WRITE_OWNER, |
| 400 &token_handle)) |
| 401 return ::GetLastError(); |
| 402 |
| 403 base::win::ScopedHandle token(token_handle); |
| 404 |
| 405 return HardenTokenIntegrityLevelPolicy(token.Get()); |
| 406 } |
| 407 |
| 345 } // namespace sandbox | 408 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 810083002:
Added a new process mitigation to harden process token IL policy. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master