diff options
author | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-09-12 17:46:10 +0000 |
---|---|---|
committer | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-09-12 17:46:10 +0000 |
commit | 914bc73938a428fb7315643277068056fc723fae (patch) | |
tree | 08c5818070a0c189ff8fc0f9b814db29777b14ac /sandbox/win/src/sandbox_policy_base.cc | |
parent | 665594887af9746280a3ea281ac1676b2793d3c3 (diff) | |
download | chromium_src-914bc73938a428fb7315643277068056fc723fae.zip chromium_src-914bc73938a428fb7315643277068056fc723fae.tar.gz chromium_src-914bc73938a428fb7315643277068056fc723fae.tar.bz2 |
Revert 156315 - Add sandbox support for Windows process mitigations
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10690058
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10918197
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156322 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/win/src/sandbox_policy_base.cc')
-rw-r--r-- | sandbox/win/src/sandbox_policy_base.cc | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/sandbox/win/src/sandbox_policy_base.cc b/sandbox/win/src/sandbox_policy_base.cc index f942ff5a..3950a0c 100644 --- a/sandbox/win/src/sandbox_policy_base.cc +++ b/sandbox/win/src/sandbox_policy_base.cc @@ -15,7 +15,6 @@ #include "sandbox/win/src/handle_policy.h" #include "sandbox/win/src/job.h" #include "sandbox/win/src/interception.h" -#include "sandbox/win/src/process_mitigations.h" #include "sandbox/win/src/named_pipe_dispatcher.h" #include "sandbox/win/src/named_pipe_policy.h" #include "sandbox/win/src/policy_broker.h" @@ -54,7 +53,6 @@ sandbox::PolicyGlobal* MakeBrokerPolicyMemory() { namespace sandbox { SANDBOX_INTERCEPT IntegrityLevel g_shared_delayed_integrity_level; -SANDBOX_INTERCEPT MitigationFlags g_shared_delayed_mitigations; // Initializes static members. HWINSTA PolicyBase::alternate_winstation_handle_ = NULL; @@ -72,8 +70,6 @@ PolicyBase::PolicyBase() relaxed_interceptions_(true), integrity_level_(INTEGRITY_LEVEL_LAST), delayed_integrity_level_(INTEGRITY_LEVEL_LAST), - mitigations_(0), - delayed_mitigations_(0), policy_maker_(NULL), policy_(NULL) { ::InitializeCriticalSection(&lock_); @@ -280,30 +276,6 @@ ResultCode PolicyBase::SetCapability(const wchar_t* sid) { return SBOX_ALL_OK; } -ResultCode PolicyBase::SetProcessMitigations( - MitigationFlags flags) { - if (!CanSetProcessMitigationsPreStartup(flags)) - return SBOX_ERROR_BAD_PARAMS; - mitigations_ = flags; - return SBOX_ALL_OK; -} - -MitigationFlags PolicyBase::GetProcessMitigations() { - return mitigations_; -} - -ResultCode PolicyBase::SetDelayedProcessMitigations( - MitigationFlags flags) { - if (!CanSetProcessMitigationsPostStartup(flags)) - return SBOX_ERROR_BAD_PARAMS; - delayed_mitigations_ = flags; - return SBOX_ALL_OK; -} - -MitigationFlags PolicyBase::GetDelayedProcessMitigations() { - return delayed_mitigations_; -} - void PolicyBase::SetStrictInterceptions() { relaxed_interceptions_ = false; } @@ -478,11 +450,6 @@ bool PolicyBase::AddTarget(TargetProcess* target) { if (NULL != policy_) policy_maker_->Done(); - if (!ApplyProcessMitigationsToSuspendedProcess(target->Process(), - mitigations_)) { - return false; - } - if (!SetupAllInterceptions(target)) return false; @@ -502,19 +469,6 @@ bool PolicyBase::AddTarget(TargetProcess* target) { if (SBOX_ALL_OK != ret) return false; - // Add in delayed mitigations and pseudo-mitigations enforced at startup. - g_shared_delayed_mitigations = delayed_mitigations_ | - FilterPostStartupProcessMitigations(mitigations_); - if (!CanSetProcessMitigationsPostStartup(g_shared_delayed_mitigations)) - return false; - - ret = target->TransferVariable("g_shared_delayed_mitigations", - &g_shared_delayed_mitigations, - sizeof(g_shared_delayed_mitigations)); - g_shared_delayed_mitigations = 0; - if (SBOX_ALL_OK != ret) - return false; - AutoLock lock(&lock_); targets_.push_back(target); return true; |