Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(223)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/app_container.cc

Issue 937353002: Adding method to create process using LowBox token in sandbox code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added platform checking Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« sandbox/win/src/app_container.h ('K') | « sandbox/win/src/app_container.h ('k') | sandbox/win/src/broker_services.cc » ('j') | sandbox/win/src/broker_services.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/app_container.h" 5 #include "sandbox/win/src/app_container.h"
6 6
7 #include <Sddl.h> 7 #include <Sddl.h>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
87 DPLOG(ERROR) << "Failed UpdateProcThreadAttribute"; 87 DPLOG(ERROR) << "Failed UpdateProcThreadAttribute";
88 return SBOX_ERROR_CANNOT_INIT_APPCONTAINER; 88 return SBOX_ERROR_CANNOT_INIT_APPCONTAINER;
89 } 89 }
90 return SBOX_ALL_OK; 90 return SBOX_ALL_OK;
91 } 91 }
92 92
93 bool AppContainerAttributes::HasAppContainer() const { 93 bool AppContainerAttributes::HasAppContainer() const {
94 return (capabilities_.AppContainerSid != NULL); 94 return (capabilities_.AppContainerSid != NULL);
95 } 95 }
96 96
97 const SECURITY_CAPABILITIES& AppContainerAttributes::GetCapabilities() const {
98 return capabilities_;
99 }
100
97 ResultCode CreateAppContainer(const base::string16& sid, 101 ResultCode CreateAppContainer(const base::string16& sid,
98 const base::string16& name) { 102 const base::string16& name) {
99 PSID local_sid; 103 PSID local_sid;
100 if (!ConvertStringSidToSid(sid.c_str(), &local_sid)) 104 if (!ConvertStringSidToSid(sid.c_str(), &local_sid))
101 return SBOX_ERROR_INVALID_APP_CONTAINER; 105 return SBOX_ERROR_INVALID_APP_CONTAINER;
102 106
103 typedef HRESULT (WINAPI* AppContainerRegisterSidPtr)(PSID sid, 107 typedef HRESULT (WINAPI* AppContainerRegisterSidPtr)(PSID sid,
104 LPCWSTR moniker, 108 LPCWSTR moniker,
105 LPCWSTR display_name); 109 LPCWSTR display_name);
106 static AppContainerRegisterSidPtr AppContainerRegisterSid = NULL; 110 static AppContainerRegisterSidPtr AppContainerRegisterSid = NULL;
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
174 if (FAILED(rv)) 178 if (FAILED(rv))
175 return base::string16(); 179 return base::string16();
176 180
177 base::string16 name(buffer); 181 base::string16 name(buffer);
178 if (!AppContainerFreeMemory(buffer)) 182 if (!AppContainerFreeMemory(buffer))
179 NOTREACHED(); 183 NOTREACHED();
180 return name; 184 return name;
181 } 185 }
182 186
183 } // namespace sandbox 187 } // namespace sandbox
OLDNEW
« sandbox/win/src/app_container.h ('K') | « sandbox/win/src/app_container.h ('k') | sandbox/win/src/broker_services.cc » ('j') | sandbox/win/src/broker_services.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698