Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(71)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/app_container.h

Issue 937353002: Adding method to create process using LowBox token in sandbox code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Added platform checking Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/common/sandbox_win.cc ('K') | « content/common/sandbox_win.cc ('k') | sandbox/win/src/app_container.cc » ('j') | sandbox/win/src/broker_services.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_WIN_SRC_APP_CONTAINER_H_ 5 #ifndef SANDBOX_WIN_SRC_APP_CONTAINER_H_
6 #define SANDBOX_WIN_SRC_APP_CONTAINER_H_ 6 #define SANDBOX_WIN_SRC_APP_CONTAINER_H_
7 7
8 #include <windows.h> 8 #include <windows.h>
9 9
10 #include <vector> 10 #include <vector>
(...skipping 19 matching lines...) Expand all
30 30
31 // Sets the AppContainer and capabilities to be used with the new process. 31 // Sets the AppContainer and capabilities to be used with the new process.
32 ResultCode SetAppContainer(const base::string16& app_container_sid, 32 ResultCode SetAppContainer(const base::string16& app_container_sid,
33 const std::vector<base::string16>& capabilities); 33 const std::vector<base::string16>& capabilities);
34 34
35 // Updates the proc_thred attribute list of the provided startup_information 35 // Updates the proc_thred attribute list of the provided startup_information
36 // with the app container related data. 36 // with the app container related data.
37 // WARNING: startup_information just points back to our internal memory, so 37 // WARNING: startup_information just points back to our internal memory, so
38 // the lifetime of this object has to be greater than the lifetime of the 38 // the lifetime of this object has to be greater than the lifetime of the
39 // provided startup_information. 39 // provided startup_information.
40 ResultCode ShareForStartup( 40 ResultCode ShareForStartup(
rvargas (doing something else) 2015/02/21 01:01:22 Looks like we can remove this code too.
Shrikant Kelkar 2015/02/21 02:32:40 Done.
41 base::win::StartupInformation* startup_information) const; 41 base::win::StartupInformation* startup_information) const;
42 42
43 bool HasAppContainer() const; 43 bool HasAppContainer() const;
44 44
45 // Returns security capabilities structure, which is populated when you call
46 // SetAppContainer.
47 const SECURITY_CAPABILITIES& GetCapabilities() const;
48
45 private: 49 private:
46 SECURITY_CAPABILITIES capabilities_; 50 SECURITY_CAPABILITIES capabilities_;
47 std::vector<SID_AND_ATTRIBUTES> attributes_; 51 std::vector<SID_AND_ATTRIBUTES> attributes_;
48 52
49 DISALLOW_COPY_AND_ASSIGN(AppContainerAttributes); 53 DISALLOW_COPY_AND_ASSIGN(AppContainerAttributes);
50 }; 54 };
51 55
52 // Creates a new AppContainer on the system. |sid| is the identifier of the new 56 // Creates a new AppContainer on the system. |sid| is the identifier of the new
53 // AppContainer, and |name| will be used as both the display name and moniker. 57 // AppContainer, and |name| will be used as both the display name and moniker.
54 // This function fails if the OS doesn't support AppContainers, or if there is 58 // This function fails if the OS doesn't support AppContainers, or if there is
55 // an AppContainer registered with the same id. 59 // an AppContainer registered with the same id.
56 ResultCode CreateAppContainer(const base::string16& sid, 60 ResultCode CreateAppContainer(const base::string16& sid,
57 const base::string16& name); 61 const base::string16& name);
58 62
59 // Deletes an AppContainer previously created with a successfull call to 63 // Deletes an AppContainer previously created with a successfull call to
60 // CreateAppContainer. 64 // CreateAppContainer.
61 ResultCode DeleteAppContainer(const base::string16& sid); 65 ResultCode DeleteAppContainer(const base::string16& sid);
62 66
63 // Retrieves the name associated with the provided AppContainer sid. Returns an 67 // Retrieves the name associated with the provided AppContainer sid. Returns an
64 // empty string if the AppContainer is not registered with the system. 68 // empty string if the AppContainer is not registered with the system.
65 base::string16 LookupAppContainer(const base::string16& sid); 69 base::string16 LookupAppContainer(const base::string16& sid);
66 70
67 } // namespace sandbox 71 } // namespace sandbox
68 72
69 #endif // SANDBOX_WIN_SRC_APP_CONTAINER_H_ 73 #endif // SANDBOX_WIN_SRC_APP_CONTAINER_H_
OLDNEW
« content/common/sandbox_win.cc ('K') | « content/common/sandbox_win.cc ('k') | sandbox/win/src/app_container.cc » ('j') | sandbox/win/src/broker_services.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698