OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <windows.h> | 5 #include <windows.h> |
6 | 6 |
7 #define _ATL_NO_EXCEPTIONS | 7 #define _ATL_NO_EXCEPTIONS |
8 #include <atlbase.h> | 8 #include <atlbase.h> |
9 #include <atlsecurity.h> | 9 #include <atlsecurity.h> |
10 | 10 |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
134 | 134 |
135 TEST(AppContainerTest, RequiresImpersonation) { | 135 TEST(AppContainerTest, RequiresImpersonation) { |
136 if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) | 136 if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
137 return; | 137 return; |
138 | 138 |
139 TestRunner runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED); | 139 TestRunner runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED); |
140 EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER, | 140 EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER, |
141 runner.GetPolicy()->SetAppContainer(kAppContainerSid)); | 141 runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
142 } | 142 } |
143 | 143 |
| 144 TEST(AppContainerTest, DenyOpenEventForLowBox) { |
| 145 if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| 146 return; |
| 147 |
| 148 TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED); |
| 149 |
| 150 base::win::ScopedHandle event(CreateEvent(NULL, FALSE, FALSE, L"test")); |
| 151 ASSERT_TRUE(event.IsValid()); |
| 152 |
| 153 EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetLowBox(kAppContainerSid)); |
| 154 |
| 155 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test")); |
| 156 } |
| 157 |
| 158 // TODO(shrikant): Please add some tests to prove usage of lowbox token like |
| 159 // socket connection to local server in lock down mode. |
| 160 |
144 } // namespace sandbox | 161 } // namespace sandbox |
OLD | NEW |