1 files changed, 94 insertions, 0 deletions
diff --git a/security/sandbox/chromium/sandbox/win/src/app_container_profile_base.h b/security/sandbox/chromium/sandbox/win/src/app_container_profile_base.h
new file mode 100644
index 0000000000..35fb4efdf5
--- /dev/null
+++ b/security/sandbox/chromium/sandbox/win/src/app_container_profile_base.h
@@ -0,0 +1,94 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_SRC_APP_CONTAINER_PROFILE_BASE_H_
+#define SANDBOX_SRC_APP_CONTAINER_PROFILE_BASE_H_
+
+#include <windows.h>
+
+#include <accctrl.h>
+
+#include <memory>
+#include <vector>
+
+#include "base/files/file_path.h"
+#include "base/memory/ref_counted.h"
+#include "base/win/scoped_handle.h"
+#include "sandbox/win/src/app_container_profile.h"
+#include "sandbox/win/src/security_capabilities.h"
+#include "sandbox/win/src/sid.h"
+
+namespace sandbox {
+
+class AppContainerProfileBase final : public AppContainerProfile {
+ public:
+  void AddRef() override;
+  void Release() override;
+  bool GetRegistryLocation(REGSAM desired_access,
+                           base::win::ScopedHandle* key) override;
+  bool GetFolderPath(base::FilePath* file_path) override;
+  bool GetPipePath(const wchar_t* pipe_name,
+                   base::FilePath* pipe_path) override;
+  bool AccessCheck(const wchar_t* object_name,
+                   SE_OBJECT_TYPE object_type,
+                   DWORD desired_access,
+                   DWORD* granted_access,
+                   BOOL* access_status) override;
+  bool AddCapability(const wchar_t* capability_name) override;
+  bool AddCapability(WellKnownCapabilities capability) override;
+  bool AddCapabilitySddl(const wchar_t* sddl_sid) override;
+  bool AddImpersonationCapability(const wchar_t* capability_name) override;
+  bool AddImpersonationCapability(WellKnownCapabilities capability) override;
+  bool AddImpersonationCapabilitySddl(const wchar_t* sddl_sid) override;
+  void SetEnableLowPrivilegeAppContainer(bool enable) override;
+  bool GetEnableLowPrivilegeAppContainer() override;
+
+  // Get the package SID for this AC.
+  Sid GetPackageSid() const;
+
+  // Get an allocated SecurityCapabilities object for this App Container.
+  std::unique_ptr<SecurityCapabilities> GetSecurityCapabilities();
+
+  // Get a vector of capabilities.
+  const std::vector<Sid>& GetCapabilities();
+
+  // Get a vector of impersonation only capabilities. Used if the process needs
+  // a more privileged token to start.
+  const std::vector<Sid>& GetImpersonationCapabilities();
+
+  // Creates a new AppContainerProfile object. This will create a new profile
+  // if it doesn't already exist. The profile must be deleted manually using
+  // the Delete method if it's no longer required.
+  static AppContainerProfileBase* Create(const wchar_t* package_name,
+                                         const wchar_t* display_name,
+                                         const wchar_t* description);
+
+  // Opens an AppContainerProfile object. No checks will be made on
+  // whether the package exists or not.
+  static AppContainerProfileBase* Open(const wchar_t* package_name);
+
+  // Delete a profile based on name. Returns true if successful, or if the
+  // package doesn't already exist.
+  static bool Delete(const wchar_t* package_name);
+
+ private:
+  AppContainerProfileBase(const Sid& package_sid);
+  ~AppContainerProfileBase();
+
+  bool BuildLowBoxToken(base::win::ScopedHandle* token);
+  bool AddCapability(const Sid& capability_sid, bool impersonation_only);
+
+  // Standard object-lifetime reference counter.
+  volatile LONG ref_count_;
+  Sid package_sid_;
+  bool enable_low_privilege_app_container_;
+  std::vector<Sid> capabilities_;
+  std::vector<Sid> impersonation_capabilities_;
+
+  DISALLOW_COPY_AND_ASSIGN(AppContainerProfileBase);
+};
+
+}  // namespace sandbox
+
+#endif  // SANDBOX_SRC_APP_CONTAINER_PROFILE_BASE_H_