diff options
| author | phajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-19 11:25:02 +0000 |
|---|---|---|
| committer | phajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-06-19 11:25:02 +0000 |
| commit | 1fcc9edcf037375d6b5b67fbca1eab3c19a68c33 (patch) | |
| tree | bf0bd24602579db2eb9d5b38fcb9be96b672b0f7 | |
| parent | ccaddf9653bd5ddb1ae1426cfa61572385ed717d (diff) | |
| download | chromium_src-1fcc9edcf037375d6b5b67fbca1eab3c19a68c33.zip chromium_src-1fcc9edcf037375d6b5b67fbca1eab3c19a68c33.tar.gz chromium_src-1fcc9edcf037375d6b5b67fbca1eab3c19a68c33.tar.bz2 | |
Don't grant unnecessary handle privileges in OpenProcessHandle.
This patch makes it harder for process handles with more privileges
to leak to untrusted places.
Review URL: http://codereview.chromium.org/125260
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@18802 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | base/process_util_win.cc | 9 | ||||
| -rw-r--r-- | chrome/test/chrome_process_util.cc | 2 | ||||
| -rw-r--r-- | chrome/test/memory_test/memory_test.cc | 2 | ||||
| -rw-r--r-- | chrome/test/page_cycler/page_cycler_test.cc | 4 |
4 files changed, 8 insertions, 9 deletions
diff --git a/base/process_util_win.cc b/base/process_util_win.cc index aea8cb9..eaa6c88 100644 --- a/base/process_util_win.cc +++ b/base/process_util_win.cc @@ -34,11 +34,10 @@ ProcessHandle GetCurrentProcessHandle() { } bool OpenProcessHandle(ProcessId pid, ProcessHandle* handle) { - // TODO(phajdan.jr): Take even more permissions out of this list. - ProcessHandle result = OpenProcess(PROCESS_DUP_HANDLE | - PROCESS_TERMINATE | - PROCESS_QUERY_INFORMATION | - SYNCHRONIZE, + // We try to limit privileges granted to the handle. If you need this + // for test code, consider using OpenPrivilegedProcessHandle instead of + // adding more privileges here. + ProcessHandle result = OpenProcess(PROCESS_DUP_HANDLE | PROCESS_TERMINATE, FALSE, pid); if (result == INVALID_HANDLE_VALUE) diff --git a/chrome/test/chrome_process_util.cc b/chrome/test/chrome_process_util.cc index 8ad6239..c1b6931 100644 --- a/chrome/test/chrome_process_util.cc +++ b/chrome/test/chrome_process_util.cc @@ -29,7 +29,7 @@ void TerminateAllChromeProcesses(const FilePath& data_dir) { base::ProcessHandle handle; // Ignore processes for which we can't open the handle. We don't guarantee // that all processes will terminate, only try to do so. - if (base::OpenProcessHandle(*it, &handle)) + if (base::OpenPrivilegedProcessHandle(*it, &handle)) handles.push_back(handle); } } diff --git a/chrome/test/memory_test/memory_test.cc b/chrome/test/memory_test/memory_test.cc index 4afd75a..47ac960 100644 --- a/chrome/test/memory_test/memory_test.cc +++ b/chrome/test/memory_test/memory_test.cc @@ -290,7 +290,7 @@ class MemoryTest : public UITest { scoped_ptr<base::ProcessMetrics> process_metrics; IoCounters io_counters; base::ProcessHandle process_handle; - if (!base::OpenProcessHandle(*it, &process_handle)) { + if (!base::OpenPrivilegedProcessHandle(*it, &process_handle)) { NOTREACHED(); } process_metrics.reset( diff --git a/chrome/test/page_cycler/page_cycler_test.cc b/chrome/test/page_cycler/page_cycler_test.cc index 31fe4ba..e021563 100644 --- a/chrome/test/page_cycler/page_cycler_test.cc +++ b/chrome/test/page_cycler/page_cycler_test.cc @@ -233,7 +233,7 @@ class PageCyclerTest : public UITest { ChromeProcessList::const_iterator it; for (it = chrome_processes.begin(); it != chrome_processes.end(); ++it) { base::ProcessHandle process_handle; - if (!base::OpenProcessHandle(*it, &process_handle)) { + if (!base::OpenPrivilegedProcessHandle(*it, &process_handle)) { NOTREACHED(); } @@ -303,7 +303,7 @@ class PageCyclerTest : public UITest { ChromeProcessList::const_iterator it; for (it = chrome_processes.begin(); it != chrome_processes.end(); ++it) { base::ProcessHandle process_handle; - if (!base::OpenProcessHandle(*it, &process_handle)) { + if (!base::OpenPrivilegedProcessHandle(*it, &process_handle)) { NOTREACHED(); } |