1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. |
5 #include <windows.h> |
6 |
7 #define _ATL_NO_EXCEPTIONS |
8 #include <atlbase.h> |
9 #include <atlsecurity.h> |
11 #include "base/strings/string16.h" |
12 #include "base/win/scoped_handle.h" |
13 #include "base/win/windows_version.h" |
14 #include "sandbox/win/src/sync_policy_test.h" |
15 #include "testing/gtest/include/gtest/gtest.h" |
17 namespace { |
// Name and package SID of the AppContainer that the tests below install and
// uninstall through the broker. The SID is a fixed test value; it is only
// meaningful inside this test binary.
const wchar_t kAppContainerName[] = L"sbox_test";
const wchar_t kAppContainerSid[] =
    L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-"
    L"924012148-2839372144";

// Share mode for the throwaway temp file whose DACL CreateTaggedEvent reads.
// FILE_SHARE_DELETE is what lets the file be deleted while the read handle is
// still open.
const ULONG kSharing = FILE_SHARE_WRITE | FILE_SHARE_READ | FILE_SHARE_DELETE;
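// Creates a named auto-reset event whose DACL is the DACL of a freshly
// created temp file plus one ACE granting EVENT_ALL_ACCESS to |sid|. The
// tests use the result as an object that a sandboxed AppContainer process may
// open only when its policy carries the same capability SID.
//
// |name| is passed straight to CreateEvent. |sid| is the capability SID in
// string form (S-1-15-3-...). Returns an owning HANDLE, or NULL when any step
// fails; on failure every handle and allocation made here is released.
HANDLE CreateTaggedEvent(const string16& name, const string16& sid) {
  HANDLE raw_event = CreateEvent(NULL, FALSE, FALSE, name.c_str());
  // Read the error before anything else runs: CreateEvent also "succeeds"
  // when an object of that name already exists.
  const DWORD create_error = GetLastError();
  base::win::ScopedHandle event(raw_event);
  if (!event.IsValid())
    return NULL;
  // A DACL written onto an event some other process created would not be the
  // one under test, so fail closed instead of re-tagging a foreign object.
  if (create_error == ERROR_ALREADY_EXISTS)
    return NULL;

  // A throwaway temp file supplies the baseline DACL that the event inherits.
  wchar_t file_name[MAX_PATH] = {};
  wchar_t temp_directory[MAX_PATH] = {};
  const DWORD temp_length = GetTempPath(MAX_PATH, temp_directory);
  // GetTempPath returns 0 on failure and the required size when the buffer
  // was too small; either way |temp_directory| is not usable.
  if (temp_length == 0 || temp_length > MAX_PATH)
    return NULL;
  if (GetTempFileName(temp_directory, L"test", 0, file_name) == 0)
    return NULL;

  base::win::ScopedHandle file;
  file.Set(CreateFile(file_name, GENERIC_READ | STANDARD_RIGHTS_READ, kSharing,
                      NULL, OPEN_EXISTING, 0, NULL));
  // kSharing includes FILE_SHARE_DELETE, so the name can be removed right
  // away; the open handle keeps the object alive until |file| closes.
  DeleteFile(file_name);
  if (!file.IsValid())
    return NULL;

  CSecurityDesc sd;
  if (!AtlGetSecurityDescriptor(file.Get(), SE_FILE_OBJECT, &sd,
                                OWNER_SECURITY_INFORMATION |
                                    GROUP_SECURITY_INFORMATION |
                                    DACL_SECURITY_INFORMATION)) {
    return NULL;
  }

  PSID local_sid = NULL;
  if (!ConvertStringSidToSid(sid.c_str(), &local_sid))
    return NULL;

  // From here on |local_sid| must be released with LocalFree, so failures
  // only invalidate |event| and fall through to the single exit below.
  CDacl new_dacl;
  CSid csid(reinterpret_cast<SID*>(local_sid));
  if (!sd.GetDacl(&new_dacl) ||
      !new_dacl.AddAllowedAce(csid, EVENT_ALL_ACCESS) ||
      !AtlSetDacl(event.Get(), SE_KERNEL_OBJECT, new_dacl)) {
    event.Close();
  }

  LocalFree(local_sid);
  return event.IsValid() ? event.Take() : NULL;
}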
66 } // namespace |
68 namespace sandbox { |
// A process confined to the test AppContainer can open an event tagged with a
// capability SID when the policy grants that same capability, both with the
// policy fully applied and before the initial token is reverted.
TEST(AppContainerTest, AllowOpenEvent) {
  // AppContainers exist only from Windows 8 on; older systems pass trivially.
  if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) {
    return;
  }

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);

  // The same capability SID goes into the event's DACL and into the policy.
  const wchar_t capability_sid[] = L"S-1-15-3-12345678-87654321";
  base::win::ScopedHandle tagged_event(
      CreateTaggedEvent(L"test", capability_sid));
  ASSERT_TRUE(tagged_event.IsValid());

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->InstallAppContainer(kAppContainerSid,
                                                      kAppContainerName));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetCapability(capability_sid));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));

  EXPECT_EQ(SBOX_TEST_SUCCEEDED, test_runner.RunTest(L"Event_Open f test"));

  // Same check again before the target reverts its initial token.
  test_runner.SetTestState(BEFORE_REVERT);
  EXPECT_EQ(SBOX_TEST_SUCCEEDED, test_runner.RunTest(L"Event_Open f test"));

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->UninstallAppContainer(kAppContainerSid));
}
// Without the matching capability in the policy, the AppContainer process is
// refused access to the capability-tagged event, both with the policy fully
// applied and before the initial token is reverted.
TEST(AppContainerTest, DenyOpenEvent) {
  // AppContainers exist only from Windows 8 on; older systems pass trivially.
  if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) {
    return;
  }

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);

  // The event is tagged with this SID, but the policy never grants it.
  const wchar_t capability_sid[] = L"S-1-15-3-12345678-87654321";
  base::win::ScopedHandle tagged_event(
      CreateTaggedEvent(L"test", capability_sid));
  ASSERT_TRUE(tagged_event.IsValid());

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->InstallAppContainer(kAppContainerSid,
                                                      kAppContainerName));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));

  EXPECT_EQ(SBOX_TEST_DENIED, test_runner.RunTest(L"Event_Open f test"));

  // Same check again before the target reverts its initial token.
  test_runner.SetTestState(BEFORE_REVERT);
  EXPECT_EQ(SBOX_TEST_DENIED, test_runner.RunTest(L"Event_Open f test"));

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->UninstallAppContainer(kAppContainerSid));
}
// With identical initial and lockdown token levels (no impersonation step)
// the policy accepts the AppContainer SID.
TEST(AppContainerTest, NoImpersonation) {
  // AppContainers exist only from Windows 8 on; older systems pass trivially.
  if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) {
    return;
  }

  TestRunner test_runner(JOB_UNPROTECTED, USER_LIMITED, USER_LIMITED);
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
// An initial token level that differs from the lockdown level (which implies
// an impersonation step) cannot be combined with an AppContainer; the policy
// reports SBOX_ERROR_CANNOT_INIT_APPCONTAINER.
TEST(AppContainerTest, WantsImpersonation) {
  // AppContainers exist only from Windows 8 on; older systems pass trivially.
  if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) {
    return;
  }

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_NON_ADMIN);
  EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
// USER_RESTRICTED tokens are rejected for an AppContainer policy even when the
// initial and lockdown levels match; the policy reports
// SBOX_ERROR_CANNOT_INIT_APPCONTAINER.
TEST(AppContainerTest, RequiresImpersonation) {
  // AppContainers exist only from Windows 8 on; older systems pass trivially.
  if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8) {
    return;
  }

  TestRunner test_runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED);
  EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
143 } // namespace sandbox |