| Index: content/common/sandbox_policy.cc
|
| diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc
|
| index dc07070154137b9fb34971eb0b9c455079c58776..da359a8816b7443dc93c8b1fff1369a0d603a56e 100644
|
| --- a/content/common/sandbox_policy.cc
|
| +++ b/content/common/sandbox_policy.cc
|
| @@ -22,6 +22,7 @@
|
| #include "content/public/common/content_client.h"
|
| #include "content/public/common/content_switches.h"
|
| #include "content/public/common/process_type.h"
|
| +#include "content/public/common/sandbox_init.h"
|
| #include "sandbox/src/sandbox.h"
|
| #include "ui/gfx/gl/gl_switches.h"
|
|
|
| @@ -458,41 +459,6 @@ bool InitTargetServices(sandbox::TargetServices* target_services) {
|
| return SBOX_ALL_OK == result;
|
| }
|
|
|
| -bool BrokerDuplicateHandle(HANDLE source_handle,
|
| - DWORD target_process_id,
|
| - HANDLE* target_handle,
|
| - DWORD desired_access,
|
| - DWORD options) {
|
| - // If our process is the target just duplicate the handle.
|
| - if (::GetCurrentProcessId() == target_process_id) {
|
| - return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| - ::GetCurrentProcess(), target_handle,
|
| - desired_access, FALSE, options);
|
| -
|
| - }
|
| -
|
| - // Try the broker next
|
| - if (g_target_services &&
|
| - g_target_services->DuplicateHandle(source_handle, target_process_id,
|
| - target_handle, desired_access,
|
| - options) == SBOX_ALL_OK) {
|
| - return true;
|
| - }
|
| -
|
| - // Finally, see if we already have access to the process.
|
| - base::win::ScopedHandle target_process;
|
| - target_process.Set(::OpenProcess(PROCESS_DUP_HANDLE, FALSE,
|
| - target_process_id));
|
| - if (target_process.IsValid()) {
|
| - return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| - target_process, target_handle,
|
| - desired_access, FALSE, options);
|
| - }
|
| -
|
| - return false;
|
| -}
|
| -
|
| -
|
| base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
|
| const FilePath& exposed_dir) {
|
| const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
|
| @@ -688,3 +654,41 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
|
| }
|
|
|
| } // namespace sandbox
|
| +
|
| +namespace content {
|
| +
|
| +bool BrokerDuplicateHandle(HANDLE source_handle,
|
| + DWORD target_process_id,
|
| + HANDLE* target_handle,
|
| + DWORD desired_access,
|
| + DWORD options) {
|
| + // If our process is the target just duplicate the handle.
|
| + if (::GetCurrentProcessId() == target_process_id) {
|
| + return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| + ::GetCurrentProcess(), target_handle,
|
| + desired_access, FALSE, options);
|
| +
|
| + }
|
| +
|
| + // Try the broker next
|
| + if (g_target_services &&
|
| + g_target_services->DuplicateHandle(source_handle, target_process_id,
|
| + target_handle, desired_access,
|
| + options) == sandbox::SBOX_ALL_OK) {
|
| + return true;
|
| + }
|
| +
|
| + // Finally, see if we already have access to the process.
|
| + base::win::ScopedHandle target_process;
|
| + target_process.Set(::OpenProcess(PROCESS_DUP_HANDLE, FALSE,
|
| + target_process_id));
|
| + if (target_process.IsValid()) {
|
| + return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| + target_process, target_handle,
|
| + desired_access, FALSE, options);
|
| + }
|
| +
|
| + return false;
|
| +}
|
| +
|
| +} // namespace content
|
|
|
Chromium Code Reviews
Issue 10082018:
Move BrokerDuplicateHandle() to be declared in content/public (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src