security/sandbox/win/src/app_container_test.cc@6474c204b198 (annotated)
security/sandbox/win/src/app_container_test.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| michael@0 | 2 | // Use of this source code is governed by a BSD-style license that can be |
| michael@0 | 3 | // found in the LICENSE file. |
| michael@0 | 4 | |
| michael@0 | 5 | #include <windows.h> |
| michael@0 | 6 | |
| michael@0 | 7 | #define _ATL_NO_EXCEPTIONS |
| michael@0 | 8 | #include <atlbase.h> |
| michael@0 | 9 | #include <atlsecurity.h> |
| michael@0 | 10 | |
| michael@0 | 11 | #include "base/strings/string16.h" |
| michael@0 | 12 | #include "base/win/scoped_handle.h" |
| michael@0 | 13 | #include "base/win/windows_version.h" |
| michael@0 | 14 | #include "sandbox/win/src/sync_policy_test.h" |
| michael@0 | 15 | #include "testing/gtest/include/gtest/gtest.h" |
| michael@0 | 16 | |
| michael@0 | 17 | namespace { |
| michael@0 | 18 | |
| michael@0 | 19 | const wchar_t kAppContainerName[] = L"sbox_test"; |
| michael@0 | 20 | const wchar_t kAppContainerSid[] = |
| michael@0 | 21 | L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-" |
| michael@0 | 22 | L"924012148-2839372144"; |
| michael@0 | 23 | |
| michael@0 | 24 | const ULONG kSharing = FILE_SHARE_WRITE | FILE_SHARE_READ | FILE_SHARE_DELETE; |
| michael@0 | 25 | |
| michael@0 | 26 | HANDLE CreateTaggedEvent(const string16& name, const string16& sid) { |
| michael@0 | 27 | base::win::ScopedHandle event(CreateEvent(NULL, FALSE, FALSE, name.c_str())); |
| michael@0 | 28 | if (!event.IsValid()) |
| michael@0 | 29 | return NULL; |
| michael@0 | 30 | |
| michael@0 | 31 | wchar_t file_name[MAX_PATH] = {}; |
| michael@0 | 32 | wchar_t temp_directory[MAX_PATH] = {}; |
| michael@0 | 33 | GetTempPath(MAX_PATH, temp_directory); |
| michael@0 | 34 | GetTempFileName(temp_directory, L"test", 0, file_name); |
| michael@0 | 35 | |
| michael@0 | 36 | base::win::ScopedHandle file; |
| michael@0 | 37 | file.Set(CreateFile(file_name, GENERIC_READ | STANDARD_RIGHTS_READ, kSharing, |
| michael@0 | 38 | NULL, OPEN_EXISTING, 0, NULL)); |
| michael@0 | 39 | DeleteFile(file_name); |
| michael@0 | 40 | if (!file.IsValid()) |
| michael@0 | 41 | return NULL; |
| michael@0 | 42 | |
| michael@0 | 43 | CSecurityDesc sd; |
| michael@0 | 44 | if (!AtlGetSecurityDescriptor(file.Get(), SE_FILE_OBJECT, &sd, |
| michael@0 | 45 | OWNER_SECURITY_INFORMATION | |
| michael@0 | 46 | GROUP_SECURITY_INFORMATION | |
| michael@0 | 47 | DACL_SECURITY_INFORMATION)) { |
| michael@0 | 48 | return NULL; |
| michael@0 | 49 | } |
| michael@0 | 50 | |
| michael@0 | 51 | PSID local_sid; |
| michael@0 | 52 | if (!ConvertStringSidToSid(sid.c_str(), &local_sid)) |
| michael@0 | 53 | return NULL; |
| michael@0 | 54 | |
| michael@0 | 55 | CDacl new_dacl; |
| michael@0 | 56 | sd.GetDacl(&new_dacl); |
| michael@0 | 57 | CSid csid(reinterpret_cast<SID*>(local_sid)); |
| michael@0 | 58 | new_dacl.AddAllowedAce(csid, EVENT_ALL_ACCESS); |
| michael@0 | 59 | if (!AtlSetDacl(event.Get(), SE_KERNEL_OBJECT, new_dacl)) |
| michael@0 | 60 | event.Close(); |
| michael@0 | 61 | |
| michael@0 | 62 | LocalFree(local_sid); |
| michael@0 | 63 | return event.IsValid() ? event.Take() : NULL; |
| michael@0 | 64 | } |
| michael@0 | 65 | |
| michael@0 | 66 | } // namespace |
| michael@0 | 67 | |
| michael@0 | 68 | namespace sandbox { |
| michael@0 | 69 | |
| michael@0 | 70 | TEST(AppContainerTest, AllowOpenEvent) { |
| michael@0 | 71 | if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| michael@0 | 72 | return; |
| michael@0 | 73 | |
| michael@0 | 74 | TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED); |
| michael@0 | 75 | |
| michael@0 | 76 | const wchar_t capability[] = L"S-1-15-3-12345678-87654321"; |
| michael@0 | 77 | base::win::ScopedHandle handle(CreateTaggedEvent(L"test", capability)); |
| michael@0 | 78 | ASSERT_TRUE(handle.IsValid()); |
| michael@0 | 79 | |
| michael@0 | 80 | EXPECT_EQ(SBOX_ALL_OK, |
| michael@0 | 81 | runner.broker()->InstallAppContainer(kAppContainerSid, |
| michael@0 | 82 | kAppContainerName)); |
| michael@0 | 83 | EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetCapability(capability)); |
| michael@0 | 84 | EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
| michael@0 | 85 | |
| michael@0 | 86 | EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Event_Open f test")); |
| michael@0 | 87 | |
| michael@0 | 88 | runner.SetTestState(BEFORE_REVERT); |
| michael@0 | 89 | EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Event_Open f test")); |
| michael@0 | 90 | EXPECT_EQ(SBOX_ALL_OK, |
| michael@0 | 91 | runner.broker()->UninstallAppContainer(kAppContainerSid)); |
| michael@0 | 92 | } |
| michael@0 | 93 | |
| michael@0 | 94 | TEST(AppContainerTest, DenyOpenEvent) { |
| michael@0 | 95 | if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| michael@0 | 96 | return; |
| michael@0 | 97 | |
| michael@0 | 98 | TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED); |
| michael@0 | 99 | |
| michael@0 | 100 | const wchar_t capability[] = L"S-1-15-3-12345678-87654321"; |
| michael@0 | 101 | base::win::ScopedHandle handle(CreateTaggedEvent(L"test", capability)); |
| michael@0 | 102 | ASSERT_TRUE(handle.IsValid()); |
| michael@0 | 103 | |
| michael@0 | 104 | EXPECT_EQ(SBOX_ALL_OK, |
| michael@0 | 105 | runner.broker()->InstallAppContainer(kAppContainerSid, |
| michael@0 | 106 | kAppContainerName)); |
| michael@0 | 107 | EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
| michael@0 | 108 | |
| michael@0 | 109 | EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test")); |
| michael@0 | 110 | |
| michael@0 | 111 | runner.SetTestState(BEFORE_REVERT); |
| michael@0 | 112 | EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"Event_Open f test")); |
| michael@0 | 113 | EXPECT_EQ(SBOX_ALL_OK, |
| michael@0 | 114 | runner.broker()->UninstallAppContainer(kAppContainerSid)); |
| michael@0 | 115 | } |
| michael@0 | 116 | |
| michael@0 | 117 | TEST(AppContainerTest, NoImpersonation) { |
| michael@0 | 118 | if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| michael@0 | 119 | return; |
| michael@0 | 120 | |
| michael@0 | 121 | TestRunner runner(JOB_UNPROTECTED, USER_LIMITED, USER_LIMITED); |
| michael@0 | 122 | EXPECT_EQ(SBOX_ALL_OK, runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
| michael@0 | 123 | } |
| michael@0 | 124 | |
| michael@0 | 125 | TEST(AppContainerTest, WantsImpersonation) { |
| michael@0 | 126 | if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| michael@0 | 127 | return; |
| michael@0 | 128 | |
| michael@0 | 129 | TestRunner runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_NON_ADMIN); |
| michael@0 | 130 | EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER, |
| michael@0 | 131 | runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
| michael@0 | 132 | } |
| michael@0 | 133 | |
| michael@0 | 134 | TEST(AppContainerTest, RequiresImpersonation) { |
| michael@0 | 135 | if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) |
| michael@0 | 136 | return; |
| michael@0 | 137 | |
| michael@0 | 138 | TestRunner runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED); |
| michael@0 | 139 | EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER, |
| michael@0 | 140 | runner.GetPolicy()->SetAppContainer(kAppContainerSid)); |
| michael@0 | 141 | } |
| michael@0 | 142 | |
| michael@0 | 143 | } // namespace sandbox |
