// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef REMOTING_HOST_WIN_LAUNCH_PROCESS_WITH_TOKEN_H_ #define REMOTING_HOST_WIN_LAUNCH_PROCESS_WITH_TOKEN_H_ #include #include #include #include "base/command_line.h" #include "base/files/file_path.h" #include "base/lazy_instance.h" #include "base/memory/scoped_ptr.h" #include "base/synchronization/lock.h" #include "base/win/scoped_handle.h" namespace remoting { // This lock should be taken when creating handles that will be inherited by // a child process. Without it the child process can inherit handles created for // a different child process started at the same time. extern base::LazyInstance::Leaky g_inherit_handles_lock; // Creates a copy of the current process token for the given |session_id| so // it can be used to launch a process in that session. bool CreateSessionToken(uint32_t session_id, base::win::ScopedHandle* token_out); // Launches |binary| in the security context of the user represented by // |user_token|. The session ID specified by the token is respected as well. // The other parameters are passed directly to CreateProcessAsUser(). // If |inherit_handles| is true |g_inherit_handles_lock| should be taken while // any inheritable handles are open. bool LaunchProcessWithToken(const base::FilePath& binary, const base::CommandLine::StringType& command_line, HANDLE user_token, SECURITY_ATTRIBUTES* process_attributes, SECURITY_ATTRIBUTES* thread_attributes, bool inherit_handles, DWORD creation_flags, const base::char16* desktop_name, base::win::ScopedHandle* process_out, base::win::ScopedHandle* thread_out); } // namespace remoting #endif // REMOTING_HOST_WIN_LAUNCH_PROCESS_WITH_TOKEN_H_