blob: e587c25983077f348b4db540ce8eeb8aa50ddc34 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "SandboxInitialization.h"
#include "sandbox/win/src/sandbox_factory.h"
namespace mozilla {
namespace sandboxing {
static sandbox::TargetServices*
InitializeTargetServices()
{
sandbox::TargetServices* targetServices =
sandbox::SandboxFactory::GetTargetServices();
if (!targetServices) {
return nullptr;
}
if (targetServices->Init() != sandbox::SBOX_ALL_OK) {
return nullptr;
}
return targetServices;
}
sandbox::TargetServices*
GetInitializedTargetServices()
{
static sandbox::TargetServices* sInitializedTargetServices =
InitializeTargetServices();
return sInitializedTargetServices;
}
void
LowerSandbox()
{
GetInitializedTargetServices()->LowerToken();
}
static sandbox::BrokerServices*
InitializeBrokerServices()
{
sandbox::BrokerServices* brokerServices =
sandbox::SandboxFactory::GetBrokerServices();
if (!brokerServices) {
return nullptr;
}
if (brokerServices->Init() != sandbox::SBOX_ALL_OK) {
return nullptr;
}
// Comment below copied from Chromium code.
// Precreate the desktop and window station used by the renderers.
// IMPORTANT: This piece of code needs to run as early as possible in the
// process because it will initialize the sandbox broker, which requires
// the process to swap its window station. During this time all the UI
// will be broken. This has to run before threads and windows are created.
sandbox::TargetPolicy* policy = brokerServices->CreatePolicy();
sandbox::ResultCode result = policy->CreateAlternateDesktop(true);
policy->Release();
return brokerServices;
}
sandbox::BrokerServices*
GetInitializedBrokerServices()
{
static sandbox::BrokerServices* sInitializedBrokerServices =
InitializeBrokerServices();
return sInitializedBrokerServices;
}
} // sandboxing
} // mozilla
|
