diff options
| author | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-24 17:20:34 +0000 |
|---|---|---|
| committer | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-24 17:20:34 +0000 |
| commit | 4a675af846624bccd583b8ae6b518391018ee6a6 (patch) | |
| tree | f931ebaf34d7e451a10f9870f476919b8b611d55 /content | |
| parent | 65533ad0606a04de3746da2bc785702ba3da17b5 (diff) | |
| download | chromium_src-4a675af846624bccd583b8ae6b518391018ee6a6.zip chromium_src-4a675af846624bccd583b8ae6b518391018ee6a6.tar.gz chromium_src-4a675af846624bccd583b8ae6b518391018ee6a6.tar.bz2 | |
Close all open ALPC client ports at lockdown.
Close out the CSRSS and LSASS ALPC client ports that are opened during initialization.
BUG=58069
TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.RunThreadPool
Review URL: http://codereview.chromium.org/7490002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93827 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content')
| -rw-r--r-- | content/common/sandbox_policy.cc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc index 41995f4..3776b0d 100644 --- a/content/common/sandbox_policy.cc +++ b/content/common/sandbox_policy.cc @@ -222,6 +222,8 @@ void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) { L"\\BaseNamedObjects").data()); policy->AddKernelObjectToClose(L"Section", PrependWindowsSessionPath( L"\\BaseNamedObjects\\windows_shell_global_counters").data()); + // These are the CSRSS and LSASS handles opened at initialization. + policy->AddKernelObjectToClose(L"ALPC Port", NULL); } void AddStrictHandleClosePolicy(sandbox::TargetPolicy* policy) { |