summaryrefslogtreecommitdiffstats
path: root/sandbox/win/src
Commit message (Collapse)AuthorAgeFilesLines
* Revert 162293 - Enable DEP earlier on Vista and belowmattm@chromium.org2012-10-173-29/+29
| | | | | | | | | | | | | We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes. BUG=147752 Review URL: https://chromiumcodereview.appspot.com/10944015 TBR=jschuh@chromium.org Review URL: https://codereview.chromium.org/11194027 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162300 0039d316-1c4b-4281-b951-d872f2087c98
* Enable DEP earlier on Vista and belowjschuh@chromium.org2012-10-173-29/+29
| | | | | | | | | | We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes. BUG=147752 Review URL: https://chromiumcodereview.appspot.com/10944015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162293 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 160252 - Make mitigation failures CHECKjschuh@chromium.org2012-10-051-17/+23
| | | | | | | | | | | | This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined. BUG=153399 Review URL: https://codereview.chromium.org/11040046 TBR=jschuh@chromium.org Review URL: https://codereview.chromium.org/11026071 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160419 0039d316-1c4b-4281-b951-d872f2087c98
* Make mitigation failures CHECKjschuh@chromium.org2012-10-041-23/+17
| | | | | | | | | This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined. BUG=153399 Review URL: https://codereview.chromium.org/11040046 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160252 0039d316-1c4b-4281-b951-d872f2087c98
* Add a parameter to the sandbox policy to allow sandboxed process to run ↵pastarmovj@chromium.org2012-10-047-25/+75
| | | | | | | | | | | | | | | | | | | outside of a job and wire it to a cmd line flag. This is needed for running chrome in Citrix or RemoteApp (Terminal Services) environments. These envoronments both start the main process inside a job spawned by rdpinit.exe (at least in the RemoteApp case) and the process are not allowed to escape it therefore when the job assignment is attempted it failes with ERROR_PERMISSION_DENIED. This is not a problem in Windows 8/Server 2012 because these allow nested jobs so we should only respect this flag for versions older than that. BUG=79091 TEST=Start Chrome as a published app with --allow-no-job and observe it spawning renderer processes properly. Review URL: https://chromiumcodereview.appspot.com/10908171 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160133 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 159850 - Enable handle tracing in Canary, Dev, and all debug builds ↵alexeypa@google.com2012-10-031-11/+6
| | | | | | | | | | | | | | | of Chrome (Windows only). BUG=131699,153148 Enabling handle tracing for the whole lifetime of a process uncovers to many bugs, causing lots of crashes. A supression or selective enablement mechanism is required to make it work. Review URL: https://chromiumcodereview.appspot.com/11035012 TBR=alexeypa@chromium.org Review URL: https://codereview.chromium.org/11043021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159914 0039d316-1c4b-4281-b951-d872f2087c98
* Enable handle tracing in Canary, Dev, and all debug builds of Chrome ↵alexeypa@chromium.org2012-10-031-6/+11
| | | | | | | | | | | (Windows only). BUG=131699,153148 Review URL: https://chromiumcodereview.appspot.com/11035012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159850 0039d316-1c4b-4281-b951-d872f2087c98
* Improve error handling in ApplyProcessMitigationsToCurrentProcessjschuh@chromium.org2012-10-021-7/+15
| | | | | | | BUG=153399 Review URL: https://codereview.chromium.org/11036009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159632 0039d316-1c4b-4281-b951-d872f2087c98
* Add extra buckets to CrashExitCodes histogram for sandbox terminations.eroman@chromium.org2012-09-281-2/+3
| | | | | | | | BUG=152814 Review URL: https://chromiumcodereview.appspot.com/10981061 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159215 0039d316-1c4b-4281-b951-d872f2087c98
* Remove GetModuleHandleHelper(), which was only needed for Win2k (which we ↵pkasting@chromium.org2012-09-225-78/+23
| | | | | | | | | | don't support). BUG=none TEST=none Review URL: https://codereview.chromium.org/10951038 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158165 0039d316-1c4b-4281-b951-d872f2087c98
* Make ProcessMitigationsTest.CheckWin8 work in debug buildsjschuh@chromium.org2012-09-221-11/+15
| | | | | | Review URL: https://chromiumcodereview.appspot.com/10956050 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158132 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: avoid foo ? true : false, part 2.thestig@chromium.org2012-09-195-14/+9
| | | | | | Review URL: https://chromiumcodereview.appspot.com/10942004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@157509 0039d316-1c4b-4281-b951-d872f2087c98
* Add sandbox support for Windows process mitigations jschuh@chromium.org2012-09-1315-306/+760
| | | | | | | BUG=147752 Review URL: https://codereview.chromium.org/10690058 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156657 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 156550 - Add sandbox support for Windows process mitigations jschuh@chromium.org2012-09-1315-739/+306
| | | | | | | | | | BUG=147752 Review URL: https://codereview.chromium.org/10690058 TBR=jschuh@chromium.org Review URL: https://chromiumcodereview.appspot.com/10907217 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156556 0039d316-1c4b-4281-b951-d872f2087c98
* Add sandbox support for Windows process mitigations jschuh@chromium.org2012-09-1315-306/+739
| | | | | | | BUG=147752 Review URL: https://codereview.chromium.org/10690058 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156550 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 156315 - Add sandbox support for Windows process mitigationsjschuh@chromium.org2012-09-1215-731/+301
| | | | | | | | | | BUG=147752 Review URL: https://chromiumcodereview.appspot.com/10690058 TBR=jschuh@chromium.org Review URL: https://chromiumcodereview.appspot.com/10918197 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156322 0039d316-1c4b-4281-b951-d872f2087c98
* Add sandbox support for Windows process mitigationsjschuh@chromium.org2012-09-1215-301/+731
| | | | | | | BUG=147752 Review URL: https://chromiumcodereview.appspot.com/10690058 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156315 0039d316-1c4b-4281-b951-d872f2087c98
* Disable FilePolicyTest, DISABLED_TestReparsePointtbreisacher@chromium.org2012-09-071-1/+2
| | | | | | | | | | BUG=146944 TBR=nsylvain@chromium.org NOTRY=true Review URL: https://chromiumcodereview.appspot.com/10910125 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@155286 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Add support for Windows 8' AppContainer.rvargas@google.com2012-09-0515-72/+648
| | | | | | | | | | | | | Both sandboxes are not fully compatible yet; it is not possible to enable the AppContainer if the process is to be fully sandboxed (USER_LOCKDOWN), but the sandbox is user configurable anyway. BUG=none TEST=sbox_unittests, sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10825425 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@154986 0039d316-1c4b-4281-b951-d872f2087c98
* Move STARTUPINFO manipulation into SpawnTargetjschuh@chromium.org2012-08-283-13/+25
| | | | | | Review URL: https://chromiumcodereview.appspot.com/10878071 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153606 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Disable a test that fails on Win64.rvargas@google.com2012-08-231-0/+2
| | | | | | | | BUG=6944 TEST=none Review URL: https://chromiumcodereview.appspot.com/10860081 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153035 0039d316-1c4b-4281-b951-d872f2087c98
* Re-enable sandbox ClientFastServer test.jln@chromium.org2012-08-221-3/+0
| | | | | | | | | | BUG=137791 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/10831414 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152806 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Fix CreateProcess policy tests.rvargas@google.com2012-08-101-42/+105
| | | | | | | | BUG=6944 TEST=sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10837151 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150957 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 150423 - Sandbox: Fix CreateProcess policy tests.rvargas@google.com2012-08-071-106/+42
| | | | | | | | | | | BUG=6944 TEST=sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10831160 TBR=rvargas@google.com Review URL: https://chromiumcodereview.appspot.com/10831200 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150429 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Fix CreateProcess policy tests.rvargas@google.com2012-08-071-42/+106
| | | | | | | | BUG=6944 TEST=sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10831160 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150423 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 149782 - Sandbox: Fix CreateProcess policy tests.rvargas@google.com2012-08-031-100/+42
| | | | | | | | | | | BUG=6944 TEST=sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10823134 TBR=rvargas@google.com Review URL: https://chromiumcodereview.appspot.com/10828142 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149790 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Fix CreateProcess policy tests.rvargas@google.com2012-08-031-42/+100
| | | | | | | | BUG=6944 TEST=sbox_integration_tests Review URL: https://chromiumcodereview.appspot.com/10823134 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149782 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Verify that members of TargetProcess are valid before freeing them.rvargas@google.com2012-08-031-10/+13
| | | | | | | | | | SpawnCleanup may trigger the destruction of a partially created TargetProcess. BUG=139898 TEST=none Review URL: https://chromiumcodereview.appspot.com/10831133 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149763 0039d316-1c4b-4281-b951-d872f2087c98
* Fixing a couple of issues in sandbox::RestrictedToken:alexeypa@chromium.org2012-08-012-13/+82
| | | | | | | | | | | | - Specify access bits on the duplicated handle correctly. - Avoid touching an uninitialized buffer in case of an error. BUG=139841 TEST=RestrictedTokenTest.DenyOwnerSidCustom, RestrictedTokenTest.AddRestrictingSidCurrentUserCustom Review URL: https://chromiumcodereview.appspot.com/10844003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149475 0039d316-1c4b-4281-b951-d872f2087c98
* Coverity: Fix several pass-by-values.jhawkins@chromium.org2012-07-271-1/+1
| | | | | | | | | | | | | CID_COUNT=8 CID=7757,8647,11476,16931,16932,100206,100577,102872 BUG=none TEST=none R=tbreisacher@chromium.org TBR=brettw@chromium.org,kalman@chromium.org Review URL: https://chromiumcodereview.appspot.com/10824033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@148687 0039d316-1c4b-4281-b951-d872f2087c98
* Remove use-after-free bug.tbreisacher@chromium.org2012-07-251-3/+3
| | | | | | | | | | | CID=104376 BUG= TEST= Review URL: https://chromiumcodereview.appspot.com/10821018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@148424 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 147510 - Revert "Remove part of a sandbox test that fails on XP"vitalybuka@chromium.org2012-07-201-0/+3
| | | | | | | | | | | | | | | | | | | | It still brakes sbox_unittests. This reverts commit 147165 (2f575e44d375c7324571f58b9888a72fc77abd7e). It has been tested on a local XP machine and works fine. BUG=137791 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/10805016 TBR=jln@chromium.org Review URL: https://chromiumcodereview.appspot.com/10810033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@147613 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Remove part of a sandbox test that fails on XP"jln@chromium.org2012-07-191-3/+0
| | | | | | | | | | | | | | | This reverts commit 147165 (2f575e44d375c7324571f58b9888a72fc77abd7e). It has been tested on a local XP machine and works fine. BUG=137791 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/10805016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@147510 0039d316-1c4b-4281-b951-d872f2087c98
* Remove part of a sandbox test that fails on XPjln@chromium.org2012-07-181-0/+3
| | | | | | | | | | | | | | | | | IPCTest.ClientFastServer inexplicably fails on XP after we moved the Windows sandbox to sandbox/win. Disable the part that fails for now. BUG= TEST= NOTRY=true TBR=cpu@chromium.org Review URL: https://chromiumcodereview.appspot.com/10806003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@147165 0039d316-1c4b-4281-b951-d872f2087c98
* Move the Windows sandbox to sandbox/winjln@chromium.org2012-07-18160-0/+28218
| | | | | | | | | | | | | This is a rather large refactor to move the Windows sandbox to the right place. BUG= TEST= NOTRY=true TBR=sky@chromium.org Review URL: https://chromiumcodereview.appspot.com/10689170 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@147151 0039d316-1c4b-4281-b951-d872f2087c98
* Emergency revert; rietveld broke; tree brokeerg@google.com2012-07-13160-28218/+0
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146646 0039d316-1c4b-4281-b951-d872f2087c98
* sandbox_poc + test to sandbox/winjln@chromium.org2012-07-1313-14/+14
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146627 0039d316-1c4b-4281-b951-d872f2087c98
* sandbox/src -> sandbox/win/srcjln@chromium.org2012-07-13148-540/+540
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146626 0039d316-1c4b-4281-b951-d872f2087c98
* Move Windows sandboxjln@chromium.org2012-07-13160-0/+28218
- Move Windows sandbox to sandbox/win - Update sandbox_win.gypi git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146625 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2024-09-06 20:47:41 +0000