diff options
Diffstat (limited to 'toolkit/components/maintenanceservice/tests/gtest/ServiceStartInteractiveOnly.cpp')
| -rw-r--r-- | toolkit/components/maintenanceservice/tests/gtest/ServiceStartInteractiveOnly.cpp | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/toolkit/components/maintenanceservice/tests/gtest/ServiceStartInteractiveOnly.cpp b/toolkit/components/maintenanceservice/tests/gtest/ServiceStartInteractiveOnly.cpp new file mode 100644 index 0000000000..beff8e8e47 --- /dev/null +++ b/toolkit/components/maintenanceservice/tests/gtest/ServiceStartInteractiveOnly.cpp @@ -0,0 +1,52 @@ +#include "gtest/gtest.h" + +#include <stdio.h> +#include <windows.h> +#include <sddl.h> + +#include "nsWindowsHelpers.h" + +TEST(MaintenanceServiceTest, ServiceStartInteractiveOnly) +{ + // First, make a restricted token that excludes the Interactive group. + SID_AND_ATTRIBUTES sid; + DWORD SIDSize = SECURITY_MAX_SID_SIZE; + sid.Sid = LocalAlloc(LMEM_FIXED, SIDSize); + // Automatically free the SID when we are done with it. + UniqueSidPtr uniqueSid(sid.Sid); + ASSERT_TRUE(sid.Sid); + + BOOL success = + CreateWellKnownSid(WinInteractiveSid, nullptr, sid.Sid, &SIDSize); + ASSERT_TRUE(success); + + HANDLE primaryToken; + success = + OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &primaryToken); + // Automatically close the token when we are done with it. + nsAutoHandle uniquePrimaryToken(primaryToken); + ASSERT_TRUE(success); + + HANDLE restrictedToken; + success = CreateRestrictedToken(primaryToken, 0, 1, &sid, 0, nullptr, 0, + nullptr, &restrictedToken); + // Automatically close the token when we are done with it. + nsAutoHandle uniqueRestrictedToken(restrictedToken); + ASSERT_TRUE(success); + + success = ImpersonateLoggedOnUser(restrictedToken); + ASSERT_TRUE(success); + + SC_HANDLE scmHandle = + OpenSCManagerW(L"127.0.0.1", nullptr, SC_MANAGER_CONNECT); + // Automatically close the SCM when we are done with it. + nsAutoServiceHandle uniqueScmHandle(scmHandle); + ASSERT_TRUE(scmHandle); + + SC_HANDLE serviceHandle = + OpenServiceW(scmHandle, L"MozillaMaintenance", SERVICE_START); + // Automatically close the SCM when we are done with it. + nsAutoServiceHandle uniqueServiceHandle(serviceHandle); + ASSERT_FALSE(serviceHandle); + ASSERT_EQ(GetLastError(), static_cast<DWORD>(ERROR_ACCESS_DENIED)); +} |