1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
# HG changeset patch
# User Bob Owen <bobowencode@gmail.com>
# Date 1677499923 0
# Mon Feb 27 12:12:03 2023 +0000
Expose Sid::FromNamedCapability through broker services.
diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
--- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
@@ -730,9 +730,16 @@ ResultCode BrokerServicesBase::GetPolicy
return SBOX_ERROR_GENERIC;
}
// Ownership has passed to tracker thread.
receiver.release();
return SBOX_ALL_OK;
}
+bool BrokerServicesBase::DeriveCapabilitySidFromName(const wchar_t* name,
+ PSID derived_sid,
+ DWORD sid_buffer_length) {
+ return ::CopySid(sid_buffer_length, derived_sid,
+ Sid::FromNamedCapability(name).GetPSID());
+}
+
} // namespace sandbox
diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.h b/security/sandbox/chromium/sandbox/win/src/broker_services.h
--- a/security/sandbox/chromium/sandbox/win/src/broker_services.h
+++ b/security/sandbox/chromium/sandbox/win/src/broker_services.h
@@ -57,16 +57,19 @@ class BrokerServicesBase final : public
// target processes. We use this method for the specific purpose of
// checking if we can safely duplicate a handle to the supplied process
// in DuplicateHandleProxyAction.
bool IsSafeDuplicationTarget(DWORD process_id);
ResultCode GetPolicyDiagnostics(
std::unique_ptr<PolicyDiagnosticsReceiver> receiver) override;
+ bool DeriveCapabilitySidFromName(const wchar_t* name, PSID derived_sid,
+ DWORD sid_buffer_length) override;
+
private:
// The routine that the worker thread executes. It is in charge of
// notifications and cleanup-related tasks.
static DWORD WINAPI TargetEventsThread(PVOID param);
// The completion port used by the job objects to communicate events to
// the worker thread.
base::win::ScopedHandle job_port_;
diff --git a/security/sandbox/chromium/sandbox/win/src/sandbox.h b/security/sandbox/chromium/sandbox/win/src/sandbox.h
--- a/security/sandbox/chromium/sandbox/win/src/sandbox.h
+++ b/security/sandbox/chromium/sandbox/win/src/sandbox.h
@@ -117,16 +117,21 @@ class BrokerServices {
// called to accept the results of the call.
// Returns:
// ALL_OK if the request was dispatched. All other return values
// imply failure, and the responder will not receive its completion
// callback.
virtual ResultCode GetPolicyDiagnostics(
std::unique_ptr<PolicyDiagnosticsReceiver> receiver) = 0;
+ // Derive a capability PSID from the given string.
+ virtual bool DeriveCapabilitySidFromName(const wchar_t* name,
+ PSID derived_sid,
+ DWORD sid_buffer_length) = 0;
+
protected:
~BrokerServices() {}
};
// TargetServices models the current process from the perspective
// of a target process. To obtain a pointer to it use
// Sandbox::GetTargetServices(). Note that this call returns a non-null
// pointer only if this process is in fact a target. A process is a target
|
