
Side by Side Diff: sandbox/src/target_process.cc

Issue 9801003: Revert 127820 - Revert 127795 - Make sandbox explicitly block opening broker and sandboxed processes (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 9 months ago
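--- a/sandbox/src/target_process.cc
+++ b/sandbox/src/target_process.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/src/target_process.h"
 
 #include "base/basictypes.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/win/pe_image.h"
 #include "sandbox/src/crosscall_server.h"
@@ -134,42 +134,43 @@
 if (shared_section_)
 ::CloseHandle(shared_section_);
 free(exe_name_);
 }
 
 // Creates the target (child) process suspended and assigns it to the job
 // object.
 DWORD TargetProcess::Create(const wchar_t* exe_path,
 const wchar_t* command_line,
 const wchar_t* desktop,
+PSECURITY_ATTRIBUTES security_attributes,
 PROCESS_INFORMATION* target_info) {
 exe_name_ = _wcsdup(exe_path);
 
 // the command line needs to be writable by CreateProcess().
 scoped_ptr_malloc<wchar_t> cmd_line(_wcsdup(command_line));
 scoped_ptr_malloc<wchar_t> desktop_name(desktop ? _wcsdup(desktop) : NULL);
 
 // Start the target process suspended.
 const DWORD flags = CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB |
 CREATE_UNICODE_ENVIRONMENT | DETACHED_PROCESS;
 
 STARTUPINFO startup_info = {sizeof(STARTUPINFO)};
 if (desktop) {
 startup_info.lpDesktop = desktop_name.get();
 }
 
 PROCESS_INFORMATION process_info = {0};
 
 if (!::CreateProcessAsUserW(lockdown_token_,
 exe_path,
 cmd_line.get(),
-NULL, // No security attribute.
+security_attributes,
 NULL, // No thread attribute.
 FALSE, // Do not inherit handles.
 flags,
 NULL, // Use the environment of the caller.
 NULL, // Use current directory of the caller.
 &startup_info,
 &process_info)) {
 return ::GetLastError();
 }
 
@@ -343,10 +344,10 @@
 
 
 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address) {
 TargetProcess* target = new TargetProcess(NULL, NULL, NULL, NULL);
 target->sandbox_process_ = process;
 target->base_address_ = base_address;
 return target;
 }
 
 } // namespace sandbox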
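Review bot: The new `security_attributes` argument is applied only to the process object in the `CreateProcessAsUserW` call; the thread-attributes argument on the following line is still `NULL`, so the primary thread keeps a default security descriptor. If the aim of the change is to keep other processes from opening the target, it is worth confirming whether the thread object should receive the same descriptor; that cannot be settled from this file alone. The comment above `Create` should also describe the parameter, for example `// |security_attributes| is applied to the new process object; NULL selects the default security descriptor.`, and the call-site comment that was dropped could become `security_attributes,  // Process attributes; may be NULL.`. The body of `Create` continues past the visible lines of this section.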