diff options
| author | cpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-09-18 00:26:01 +0000 |
|---|---|---|
| committer | cpu@google.com <cpu@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-09-18 00:26:01 +0000 |
| commit | 9cd0144cccf979ecce9f193f77e50c05544bc4a7 (patch) | |
| tree | 548283eb1965017d2f1c46e9bb63aa8cbc7816d5 /sandbox/src/sandbox_policy.h | |
| parent | 35aa85ac00fbfa16bd9f52b05e47eb09a3b6a0ce (diff) | |
| download | chromium_src-9cd0144cccf979ecce9f193f77e50c05544bc4a7.zip chromium_src-9cd0144cccf979ecce9f193f77e50c05544bc4a7.tar.gz chromium_src-9cd0144cccf979ecce9f193f77e50c05544bc4a7.tar.bz2 | |
Add an interface to the sandbox to block dll from loading in the target process
- new interface is TargetPolicy::AddDllToUnload
- Added integration tests and unit tests.
Review URL: http://codereview.chromium.org/2413
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2348 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src/sandbox_policy.h')
| -rw-r--r-- | sandbox/src/sandbox_policy.h | 29 |
1 files changed, 17 insertions, 12 deletions
diff --git a/sandbox/src/sandbox_policy.h b/sandbox/src/sandbox_policy.h index b47f6ad..6e3983a 100644 --- a/sandbox/src/sandbox_policy.h +++ b/sandbox/src/sandbox_policy.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef SANDBOX_SRC_SANDBOX_POLICY_H__ -#define SANDBOX_SRC_SANDBOX_POLICY_H__ +#ifndef SANDBOX_SRC_SANDBOX_POLICY_H_ +#define SANDBOX_SRC_SANDBOX_POLICY_H_ #include "base/basictypes.h" #include "sandbox/src/sandbox_types.h" @@ -13,6 +13,16 @@ namespace sandbox { class TargetPolicy { public: + // Increments the reference count of this object. The reference count must + // be incremented if this interface is given to another component. + virtual void AddRef() = 0; + + // Decrements the reference count of this object. When the reference count + // is zero the object is automatically destroyed. + // Indicates that the caller is done with this interface. After calling + // release no other method should be called. + virtual void Release() = 0; + // Sets the security level for the target process' two tokens. // This setting is permanent and cannot be changed once the target process is // spawned. @@ -144,19 +154,14 @@ class TargetPolicy { virtual ResultCode AddRule(SubSystem subsystem, Semantics semantics, const wchar_t* pattern) = 0; - // Increments the reference count of this object. The reference count must - // be incremented if this interface is given to another component. - virtual void AddRef() = 0; - - // Decrements the reference count of this object. When the reference count - // is zero the object is automatically destroyed. - // Indicates that the caller is done with this interface. After calling - // release no other method should be called. - virtual void Release() = 0; + // Adds a dll that will be unloaded in the target process before it gets + // a chance to initialize itself. Typically, dlls that cause the target + // to crash go here. + virtual ResultCode AddDllToUnload(const wchar_t* dll_name) = 0; }; } // namespace sandbox -#endif // SANDBOX_SRC_SANDBOX_POLICY_H__ +#endif // SANDBOX_SRC_SANDBOX_POLICY_H_ |