| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/restricted_token.h" | 5 #include "sandbox/win/src/restricted_token.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "sandbox/win/src/acl.h" | 10 #include "sandbox/win/src/acl.h" |
| 11 #include "sandbox/win/src/win_utils.h" | 11 #include "sandbox/win/src/win_utils.h" |
| 12 | 12 |
| 13 | 13 |
| 14 namespace sandbox { | 14 namespace sandbox { |
| 15 | 15 |
| 16 unsigned RestrictedToken::Init(const HANDLE effective_token) { | 16 unsigned RestrictedToken::Init(const HANDLE effective_token) { |
| 17 DCHECK(!init_); | 17 DCHECK(!init_); |
| 18 if (init_) | 18 if (init_) |
| 19 return ERROR_ALREADY_INITIALIZED; | 19 return ERROR_ALREADY_INITIALIZED; |
| 20 | 20 |
| 21 if (effective_token) { | 21 if (effective_token) { |
| 22 // We duplicate the handle to be able to use it even if the original handle | 22 // We duplicate the handle to be able to use it even if the original handle |
| 23 // is closed. | 23 // is closed. |
| 24 HANDLE effective_token_dup; | 24 HANDLE effective_token_dup; |
| 25 if (::DuplicateHandle(::GetCurrentProcess(), | 25 if (::DuplicateHandle(::GetCurrentProcess(), |
| 26 effective_token, | 26 effective_token, |
| 27 ::GetCurrentProcess(), | 27 ::GetCurrentProcess(), |
| 28 &effective_token_dup, | 28 &effective_token_dup, |
| 29 DUPLICATE_SAME_ACCESS, | 29 0, |
| 30 FALSE, | 30 FALSE, |
| 31 0)) { // no special options | 31 DUPLICATE_SAME_ACCESS)) { |
| 32 effective_token_ = effective_token_dup; | 32 effective_token_ = effective_token_dup; |
| 33 } else { | 33 } else { |
| 34 return ::GetLastError(); | 34 return ::GetLastError(); |
| 35 } | 35 } |
| 36 } else { | 36 } else { |
| 37 if (!::OpenProcessToken(::GetCurrentProcess(), | 37 if (!::OpenProcessToken(::GetCurrentProcess(), |
| 38 TOKEN_ALL_ACCESS, | 38 TOKEN_ALL_ACCESS, |
| 39 &effective_token_)) | 39 &effective_token_)) |
| 40 return ::GetLastError(); | 40 return ::GetLastError(); |
| 41 } | 41 } |
| (...skipping 214 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 256 | 256 |
| 257 DWORD size = sizeof(TOKEN_USER) + SECURITY_MAX_SID_SIZE; | 257 DWORD size = sizeof(TOKEN_USER) + SECURITY_MAX_SID_SIZE; |
| 258 TOKEN_USER* token_user = reinterpret_cast<TOKEN_USER*>(new BYTE[size]); | 258 TOKEN_USER* token_user = reinterpret_cast<TOKEN_USER*>(new BYTE[size]); |
| 259 | 259 |
| 260 BOOL result = ::GetTokenInformation(effective_token_, | 260 BOOL result = ::GetTokenInformation(effective_token_, |
| 261 TokenUser, | 261 TokenUser, |
| 262 token_user, | 262 token_user, |
| 263 size, | 263 size, |
| 264 &size); | 264 &size); |
| 265 | 265 |
| 266 if (!result) { |
| 267 delete[] reinterpret_cast<BYTE*>(token_user); |
| 268 return ::GetLastError(); |
| 269 } |
| 270 |
| 266 Sid user = reinterpret_cast<SID*>(token_user->User.Sid); | 271 Sid user = reinterpret_cast<SID*>(token_user->User.Sid); |
| 272 sids_for_deny_only_.push_back(user); |
| 273 |
| 267 delete[] reinterpret_cast<BYTE*>(token_user); | 274 delete[] reinterpret_cast<BYTE*>(token_user); |
| 268 | 275 |
| 269 if (!result) | |
| 270 return ::GetLastError(); | |
| 271 | |
| 272 sids_for_deny_only_.push_back(user); | |
| 273 return ERROR_SUCCESS; | 276 return ERROR_SUCCESS; |
| 274 } | 277 } |
| 275 | 278 |
| 276 unsigned RestrictedToken::DeleteAllPrivileges( | 279 unsigned RestrictedToken::DeleteAllPrivileges( |
| 277 const std::vector<std::wstring> *exceptions) { | 280 const std::vector<std::wstring> *exceptions) { |
| 278 DCHECK(init_); | 281 DCHECK(init_); |
| 279 if (!init_) | 282 if (!init_) |
| 280 return ERROR_NO_TOKEN; | 283 return ERROR_NO_TOKEN; |
| 281 | 284 |
| 282 // Get the list of privileges in the token | 285 // Get the list of privileges in the token |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 316 break; | 319 break; |
| 317 } | 320 } |
| 318 } | 321 } |
| 319 } | 322 } |
| 320 if (!should_ignore) { | 323 if (!should_ignore) { |
| 321 privileges_to_disable_.push_back(token_privileges->Privileges[i].Luid); | 324 privileges_to_disable_.push_back(token_privileges->Privileges[i].Luid); |
| 322 } | 325 } |
| 323 } | 326 } |
| 324 | 327 |
| 325 delete[] reinterpret_cast<BYTE *>(token_privileges); | 328 delete[] reinterpret_cast<BYTE *>(token_privileges); |
| 329 |
| 326 return ERROR_SUCCESS; | 330 return ERROR_SUCCESS; |
| 327 } | 331 } |
| 328 | 332 |
| 329 unsigned RestrictedToken::DeletePrivilege(const wchar_t *privilege) { | 333 unsigned RestrictedToken::DeletePrivilege(const wchar_t *privilege) { |
| 330 DCHECK(init_); | 334 DCHECK(init_); |
| 331 if (!init_) | 335 if (!init_) |
| 332 return ERROR_NO_TOKEN; | 336 return ERROR_NO_TOKEN; |
| 333 | 337 |
| 334 LUID luid = {0}; | 338 LUID luid = {0}; |
| 335 if (LookupPrivilegeValue(NULL, privilege, &luid)) | 339 if (LookupPrivilegeValue(NULL, privilege, &luid)) |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 399 | 403 |
| 400 DWORD size = sizeof(TOKEN_USER) + SECURITY_MAX_SID_SIZE; | 404 DWORD size = sizeof(TOKEN_USER) + SECURITY_MAX_SID_SIZE; |
| 401 TOKEN_USER* token_user = reinterpret_cast<TOKEN_USER*>(new BYTE[size]); | 405 TOKEN_USER* token_user = reinterpret_cast<TOKEN_USER*>(new BYTE[size]); |
| 402 | 406 |
| 403 BOOL result = ::GetTokenInformation(effective_token_, | 407 BOOL result = ::GetTokenInformation(effective_token_, |
| 404 TokenUser, | 408 TokenUser, |
| 405 token_user, | 409 token_user, |
| 406 size, | 410 size, |
| 407 &size); | 411 &size); |
| 408 | 412 |
| 413 if (!result) { |
| 414 delete[] reinterpret_cast<BYTE*>(token_user); |
| 415 return ::GetLastError(); |
| 416 } |
| 417 |
| 409 Sid user = reinterpret_cast<SID*>(token_user->User.Sid); | 418 Sid user = reinterpret_cast<SID*>(token_user->User.Sid); |
| 419 sids_to_restrict_.push_back(user); |
| 420 |
| 410 delete[] reinterpret_cast<BYTE*>(token_user); | 421 delete[] reinterpret_cast<BYTE*>(token_user); |
| 411 | 422 |
| 412 | |
| 413 if (!result) | |
| 414 return ::GetLastError(); | |
| 415 | |
| 416 sids_to_restrict_.push_back(user); | |
| 417 return ERROR_SUCCESS; | 423 return ERROR_SUCCESS; |
| 418 } | 424 } |
| 419 | 425 |
| 420 unsigned RestrictedToken::AddRestrictingSidAllSids() { | 426 unsigned RestrictedToken::AddRestrictingSidAllSids() { |
| 421 DCHECK(init_); | 427 DCHECK(init_); |
| 422 if (!init_) | 428 if (!init_) |
| 423 return ERROR_NO_TOKEN; | 429 return ERROR_NO_TOKEN; |
| 424 | 430 |
| 425 // Add the current user to the list. | 431 // Add the current user to the list. |
| 426 unsigned error = AddRestrictingSidCurrentUser(); | 432 unsigned error = AddRestrictingSidCurrentUser(); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 457 | 463 |
| 458 return ERROR_SUCCESS; | 464 return ERROR_SUCCESS; |
| 459 } | 465 } |
| 460 | 466 |
| 461 unsigned RestrictedToken::SetIntegrityLevel(IntegrityLevel integrity_level) { | 467 unsigned RestrictedToken::SetIntegrityLevel(IntegrityLevel integrity_level) { |
| 462 integrity_level_ = integrity_level; | 468 integrity_level_ = integrity_level; |
| 463 return ERROR_SUCCESS; | 469 return ERROR_SUCCESS; |
| 464 } | 470 } |
| 465 | 471 |
| 466 } // namespace sandbox | 472 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10844003:
Fixing a couple of issues in sandbox::RestrictedToken: (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src