The Tor Browser / file comparison
comparison: security/sandbox/win/src/app_container.h
security/sandbox/win/src/app_container.h
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:13f7156a7499 |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef SANDBOX_WIN_SRC_APP_CONTAINER_H_ | |
| 6 #define SANDBOX_WIN_SRC_APP_CONTAINER_H_ | |
| 7 | |
| 8 #include <windows.h> | |
| 9 | |
| 10 #include <vector> | |
| 11 | |
| 12 #include "base/memory/scoped_ptr.h" | |
| 13 #include "base/strings/string16.h" | |
| 14 #include "sandbox/win/src/sandbox_types.h" | |
| 15 | |
| 16 namespace base { | |
| 17 namespace win { | |
| 18 class StartupInformation; | |
| 19 } | |
| 20 } | |
| 21 | |
| 22 namespace sandbox { | |
| 23 | |
| 24 // Maintains an attribute list to be used during creation of a new sandboxed | |
| 25 // process. | |
| 26 class AppContainerAttributes { | |
| 27 public: | |
| 28 AppContainerAttributes(); | |
| 29 ~AppContainerAttributes(); | |
| 30 | |
| 31 // Sets the AppContainer and capabilities to be used with the new process. | |
| 32 ResultCode SetAppContainer(const string16& app_container_sid, | |
| 33 const std::vector<string16>& capabilities); | |
| 34 | |
| 35 // Updates the proc_thred attribute list of the provided startup_information | |
| 36 // with the app container related data. | |
| 37 // WARNING: startup_information just points back to our internal memory, so | |
| 38 // the lifetime of this object has to be greater than the lifetime of the | |
| 39 // provided startup_information. | |
| 40 ResultCode ShareForStartup( | |
| 41 base::win::StartupInformation* startup_information) const; | |
| 42 | |
| 43 bool HasAppContainer() const; | |
| 44 | |
| 45 private: | |
| 46 SECURITY_CAPABILITIES capabilities_; | |
| 47 std::vector<SID_AND_ATTRIBUTES> attributes_; | |
| 48 | |
| 49 DISALLOW_COPY_AND_ASSIGN(AppContainerAttributes); | |
| 50 }; | |
| 51 | |
| 52 // Creates a new AppContainer on the system. |sid| is the identifier of the new | |
| 53 // AppContainer, and |name| will be used as both the display name and moniker. | |
| 54 // This function fails if the OS doesn't support AppContainers, or if there is | |
| 55 // an AppContainer registered with the same id. | |
| 56 ResultCode CreateAppContainer(const string16& sid, const string16& name); | |
| 57 | |
| 58 // Deletes an AppContainer previously created with a successfull call to | |
| 59 // CreateAppContainer. | |
| 60 ResultCode DeleteAppContainer(const string16& sid); | |
| 61 | |
| 62 // Retrieves the name associated with the provided AppContainer sid. Returns an | |
| 63 // empty string if the AppContainer is not registered with the system. | |
| 64 string16 LookupAppContainer(const string16& sid); | |
| 65 | |
| 66 } // namespace sandbox | |
| 67 | |
| 68 #endif // SANDBOX_WIN_SRC_APP_CONTAINER_H_ |
