The Tor Browser / file comparison
comparison: security/sandbox/win/src/job.h
security/sandbox/win/src/job.h
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:54beb45d6b16 |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef SANDBOX_SRC_JOB_H_ | |
| 6 #define SANDBOX_SRC_JOB_H_ | |
| 7 | |
| 8 #include "base/basictypes.h" | |
| 9 #include "sandbox/win/src/restricted_token_utils.h" | |
| 10 | |
| 11 namespace sandbox { | |
| 12 | |
| 13 // Handles the creation of job objects based on a security profile. | |
| 14 // Sample usage: | |
| 15 // Job job; | |
| 16 // job.Init(JOB_LOCKDOWN, NULL); //no job name | |
| 17 // job.AssignProcessToJob(process_handle); | |
| 18 class Job { | |
| 19 public: | |
| 20 Job() : job_handle_(NULL) { } | |
| 21 | |
| 22 ~Job(); | |
| 23 | |
| 24 // Initializes and creates the job object. The security of the job is based | |
| 25 // on the security_level parameter. | |
| 26 // job_name can be NULL if the job is unnamed. | |
| 27 // If the chosen profile has too many ui restrictions, you can disable some | |
| 28 // by specifying them in the ui_exceptions parameters. | |
| 29 // If the function succeeds, the return value is ERROR_SUCCESS. If the | |
| 30 // function fails, the return value is the win32 error code corresponding to | |
| 31 // the error. | |
| 32 DWORD Init(JobLevel security_level, wchar_t *job_name, DWORD ui_exceptions); | |
| 33 | |
| 34 // Assigns the process referenced by process_handle to the job. | |
| 35 // If the function succeeds, the return value is ERROR_SUCCESS. If the | |
| 36 // function fails, the return value is the win32 error code corresponding to | |
| 37 // the error. | |
| 38 DWORD AssignProcessToJob(HANDLE process_handle); | |
| 39 | |
| 40 // Grants access to "handle" to the job. All processes in the job can | |
| 41 // subsequently recognize and use the handle. | |
| 42 // If the function succeeds, the return value is ERROR_SUCCESS. If the | |
| 43 // function fails, the return value is the win32 error code corresponding to | |
| 44 // the error. | |
| 45 DWORD UserHandleGrantAccess(HANDLE handle); | |
| 46 | |
| 47 // Revokes ownership to the job handle and returns it. The destructor of the | |
| 48 // class won't close the handle when called. | |
| 49 // If the object is not yet initialized, it returns 0. | |
| 50 HANDLE Detach(); | |
| 51 | |
| 52 private: | |
| 53 // Handle to the job referenced by the object. | |
| 54 HANDLE job_handle_; | |
| 55 | |
| 56 DISALLOW_COPY_AND_ASSIGN(Job); | |
| 57 }; | |
| 58 | |
| 59 } // namespace sandbox | |
| 60 | |
| 61 | |
| 62 #endif // SANDBOX_SRC_JOB_H_ |
