1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/sandbox/win/src/handle_policy.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,41 @@
1.4 +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
1.5 +// Use of this source code is governed by a BSD-style license that can be
1.6 +// found in the LICENSE file.
1.7 +
1.8 +#ifndef SANDBOX_SRC_HANDLE_POLICY_H_
1.9 +#define SANDBOX_SRC_HANDLE_POLICY_H_
1.10 +
1.11 +#include <string>
1.12 +
1.13 +#include "base/basictypes.h"
1.14 +#include "sandbox/win/src/crosscall_server.h"
1.15 +#include "sandbox/win/src/policy_low_level.h"
1.16 +#include "sandbox/win/src/sandbox_policy.h"
1.17 +
1.18 +namespace sandbox {
1.19 +
1.20 +enum EvalResult;
1.21 +
1.22 +// This class centralizes most of the knowledge related to handle policy.
1.23 +class HandlePolicy {
1.24 + public:
1.25 + // Creates the required low-level policy rules to evaluate a high-level
1.26 + // policy rule for handles, in particular duplicate action.
1.27 + static bool GenerateRules(const wchar_t* type_name,
1.28 + TargetPolicy::Semantics semantics,
1.29 + LowLevelPolicy* policy);
1.30 +
1.31 + // Processes a 'TargetPolicy::DuplicateHandle()' request from the target.
1.32 + static DWORD DuplicateHandleProxyAction(EvalResult eval_result,
1.33 + const ClientInfo& client_info,
1.34 + HANDLE source_handle,
1.35 + DWORD target_process_id,
1.36 + HANDLE* target_handle,
1.37 + DWORD desired_access,
1.38 + DWORD options);
1.39 +};
1.40 +
1.41 +} // namespace sandbox
1.42 +
1.43 +#endif // SANDBOX_SRC_HANDLE_POLICY_H_
1.44 +
