OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file contains the validation tests for the sandbox. | 5 // This file contains the validation tests for the sandbox. |
6 // It includes the tests that need to be performed inside the | 6 // It includes the tests that need to be performed inside the |
7 // sandbox. | 7 // sandbox. |
8 | 8 |
9 #include <shlwapi.h> | 9 #include <shlwapi.h> |
10 | 10 |
11 #include "testing/gtest/include/gtest/gtest.h" | 11 #include "testing/gtest/include/gtest/gtest.h" |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
98 | 98 |
99 // Tests if the processes are correctly protected by the sandbox. | 99 // Tests if the processes are correctly protected by the sandbox. |
100 TEST(ValidationSuite, TestProcess) { | 100 TEST(ValidationSuite, TestProcess) { |
101 TestRunner runner; | 101 TestRunner runner; |
102 wchar_t command[1024] = {0}; | 102 wchar_t command[1024] = {0}; |
103 | 103 |
104 wsprintf(command, L"OpenProcessCmd %d", ::GetCurrentProcessId()); | 104 wsprintf(command, L"OpenProcessCmd %d", ::GetCurrentProcessId()); |
105 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); | 105 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); |
106 } | 106 } |
107 | 107 |
108 // Tests that sandboxed processes are explicitly denied access to the broker | |
109 // (and, transitively, each other). | |
110 TEST(ValidationSuite, TestProcessDenyAces) { | |
111 TestRunner runner; | |
112 wchar_t command[1024] = {0}; | |
113 | |
114 runner.GetPolicy()->SetTokenLevel(USER_INTERACTIVE, USER_INTERACTIVE); | |
115 runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_MEDIUM); | |
116 | |
117 wsprintf(command, L"OpenProcessCmd %d", ::GetCurrentProcessId()); | |
118 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); | |
119 } | |
120 | |
121 // Tests if the threads are correctly protected by the sandbox. | 108 // Tests if the threads are correctly protected by the sandbox. |
122 TEST(ValidationSuite, TestThread) { | 109 TEST(ValidationSuite, TestThread) { |
123 TestRunner runner; | 110 TestRunner runner; |
124 wchar_t command[1024] = {0}; | 111 wchar_t command[1024] = {0}; |
125 | 112 |
126 wsprintf(command, L"OpenThreadCmd %d", ::GetCurrentThreadId()); | 113 wsprintf(command, L"OpenThreadCmd %d", ::GetCurrentThreadId()); |
127 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); | 114 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(command)); |
128 } | 115 } |
129 | 116 |
130 } // namespace sandbox | 117 } // namespace sandbox |
OLD | NEW |