summaryrefslogtreecommitdiffstats
path: root/security/sandbox/win/src/sandboxbroker/sandboxBroker.h
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-05-03 05:55:15 +0200
committerwolfbeast <mcwerewolf@gmail.com>2018-05-03 05:55:15 +0200
commit43f7a588f96aaf88e7b69441c3b50bc9c7b20df7 (patch)
tree07d9b26b2f357ee9de04fea0e5e4b8b9a1ff93a4 /security/sandbox/win/src/sandboxbroker/sandboxBroker.h
parent4613b91ecac2745252c40be64e73de5ff920b02b (diff)
downloadUXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar
UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.gz
UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.lz
UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.tar.xz
UXP-43f7a588f96aaf88e7b69441c3b50bc9c7b20df7.zip
Nuke the sandbox
Diffstat (limited to 'security/sandbox/win/src/sandboxbroker/sandboxBroker.h')
-rw-r--r--security/sandbox/win/src/sandboxbroker/sandboxBroker.h60
1 files changed, 0 insertions, 60 deletions
diff --git a/security/sandbox/win/src/sandboxbroker/sandboxBroker.h b/security/sandbox/win/src/sandboxbroker/sandboxBroker.h
deleted file mode 100644
index 7f1f1597f..000000000
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef __SECURITY_SANDBOX_SANDBOXBROKER_H__
-#define __SECURITY_SANDBOX_SANDBOXBROKER_H__
-
-#include <stdint.h>
-#include <windows.h>
-
-namespace sandbox {
- class BrokerServices;
- class TargetPolicy;
-}
-
-namespace mozilla {
-
-class SandboxBroker
-{
-public:
- SandboxBroker();
-
- static void Initialize(sandbox::BrokerServices* aBrokerServices);
-
- bool LaunchApp(const wchar_t *aPath,
- const wchar_t *aArguments,
- const bool aEnableLogging,
- void **aProcessHandle);
- virtual ~SandboxBroker();
-
- // Security levels for different types of processes
- bool SetSecurityLevelForPluginProcess(int32_t aSandboxLevel);
- enum SandboxLevel {
- LockDown,
- Restricted
- };
- bool SetSecurityLevelForGMPlugin(SandboxLevel aLevel);
-
- // File system permissions
- bool AllowReadFile(wchar_t const *file);
- bool AllowReadWriteFile(wchar_t const *file);
- bool AllowDirectory(wchar_t const *dir);
-
- // Exposes AddTargetPeer from broker services, so that none sandboxed
- // processes can be added as handle duplication targets.
- bool AddTargetPeer(HANDLE aPeerProcess);
-
- // Set up dummy interceptions via the broker, so we can log calls.
- void ApplyLoggingPolicy();
-
-private:
- static sandbox::BrokerServices *sBrokerService;
- sandbox::TargetPolicy *mPolicy;
-};
-
-} // mozilla
-
-#endif