diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-05-03 05:55:15 +0200 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-05-03 05:55:15 +0200 |
commit | 43f7a588f96aaf88e7b69441c3b50bc9c7b20df7 (patch) | |
tree | 07d9b26b2f357ee9de04fea0e5e4b8b9a1ff93a4 /security/sandbox/win/src/sandboxbroker/sandboxBroker.h | |
parent | 4613b91ecac2745252c40be64e73de5ff920b02b (diff) | |
download | UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.gz UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.lz UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.xz UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.zip |
Nuke the sandbox
Diffstat (limited to 'security/sandbox/win/src/sandboxbroker/sandboxBroker.h')
-rw-r--r-- | security/sandbox/win/src/sandboxbroker/sandboxBroker.h | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/security/sandbox/win/src/sandboxbroker/sandboxBroker.h b/security/sandbox/win/src/sandboxbroker/sandboxBroker.h deleted file mode 100644 index 7f1f1597f..000000000 --- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.h +++ /dev/null @@ -1,60 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef __SECURITY_SANDBOX_SANDBOXBROKER_H__ -#define __SECURITY_SANDBOX_SANDBOXBROKER_H__ - -#include <stdint.h> -#include <windows.h> - -namespace sandbox { - class BrokerServices; - class TargetPolicy; -} - -namespace mozilla { - -class SandboxBroker -{ -public: - SandboxBroker(); - - static void Initialize(sandbox::BrokerServices* aBrokerServices); - - bool LaunchApp(const wchar_t *aPath, - const wchar_t *aArguments, - const bool aEnableLogging, - void **aProcessHandle); - virtual ~SandboxBroker(); - - // Security levels for different types of processes - bool SetSecurityLevelForPluginProcess(int32_t aSandboxLevel); - enum SandboxLevel { - LockDown, - Restricted - }; - bool SetSecurityLevelForGMPlugin(SandboxLevel aLevel); - - // File system permissions - bool AllowReadFile(wchar_t const *file); - bool AllowReadWriteFile(wchar_t const *file); - bool AllowDirectory(wchar_t const *dir); - - // Exposes AddTargetPeer from broker services, so that none sandboxed - // processes can be added as handle duplication targets. - bool AddTargetPeer(HANDLE aPeerProcess); - - // Set up dummy interceptions via the broker, so we can log calls. - void ApplyLoggingPolicy(); - -private: - static sandbox::BrokerServices *sBrokerService; - sandbox::TargetPolicy *mPolicy; -}; - -} // mozilla - -#endif |