/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef __SECURITY_SANDBOX_SANDBOXBROKER_H__
#define __SECURITY_SANDBOX_SANDBOXBROKER_H__

#include <stdint.h>
#include <windows.h>

// Forward declarations of the sandbox library types this header only ever
// names through pointers; the full definitions are needed by the .cpp alone,
// which keeps this header cheap to include from the rest of the tree.
namespace sandbox {
class BrokerServices;
class TargetPolicy;
}  // namespace sandbox

namespace mozilla {

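// Broker-side handle on one sandboxed child process: the policy is built up
// through the Set*/Allow* calls below and then applied by LaunchApp.
//
// All SandboxBroker instances share one sandbox::BrokerServices, installed
// once through Initialize(); the per-process state is the TargetPolicy held
// in mPolicy.
class SandboxBroker
{
public:
  SandboxBroker();

  // mPolicy is a raw pointer whose lifetime is managed by the .cpp, and the
  // destructor is non-trivial. A copied broker would alias the same policy
  // object (and whatever the destructor releases), so copying is disallowed.
  SandboxBroker(const SandboxBroker&) = delete;
  SandboxBroker& operator=(const SandboxBroker&) = delete;

  // Records the process-wide broker services used by every SandboxBroker
  // (presumably in sBrokerService). NOTE(review): looks like this must run
  // before any LaunchApp call — confirm against the .cpp.
  static void Initialize(sandbox::BrokerServices* aBrokerServices);

  // Launches aPath with aArguments as a sandboxed process under the policy
  // configured on this broker.
  //   aEnableLogging  - presumably turns on call logging in the target
  //                     (see ApplyLoggingPolicy) — verify in the .cpp.
  //   aProcessHandle  - out-param receiving the new process handle.
  //                     Ownership is not visible here; assume the caller
  //                     must close it — TODO confirm.
  // Returns false when the launch did not succeed.
  bool LaunchApp(const wchar_t *aPath,
                 const wchar_t *aArguments,
                 const bool aEnableLogging,
                 void **aProcessHandle);
  virtual ~SandboxBroker();

  // Security levels for different types of processes.
  // The mapping from aSandboxLevel to concrete restrictions lives in the
  // .cpp; this header fixes only the parameter type.
  bool SetSecurityLevelForPluginProcess(int32_t aSandboxLevel);
  // Enumerator order is part of the interface (LockDown == 0,
  // Restricted == 1); do not reorder.
  enum SandboxLevel {
    LockDown,
    Restricted
  };
  // Security level for a GMP (presumably Gecko Media Plugin) process.
  bool SetSecurityLevelForGMPlugin(SandboxLevel aLevel);

  // File system permissions.
  // Each call widens the sandbox for the target process, so grant the
  // narrowest thing that works: an exact file over a directory, and
  // read-only over read/write. Returns false if the rule could not be
  // added (presumably; the policy call is in the .cpp).
  bool AllowReadFile(wchar_t const *file);
  bool AllowReadWriteFile(wchar_t const *file);
  bool AllowDirectory(wchar_t const *dir);

  // Exposes AddTargetPeer from broker services, so that non-sandboxed
  // processes can be added as handle duplication targets. A peer added
  // here can receive handles duplicated out of the sandboxed target, so
  // only add processes that are trusted at least as much as the broker.
  bool AddTargetPeer(HANDLE aPeerProcess);

  // Set up dummy interceptions via the broker, so we can log calls.
  // The interceptions exist only to observe the target; they should not be
  // relied on for enforcement.
  void ApplyLoggingPolicy();

private:
  // Shared by all brokers; set through Initialize().
  static sandbox::BrokerServices *sBrokerService;
  // Per-instance policy for the process this broker launches. Raw pointer;
  // its release is handled in the .cpp (hence the deleted copy operations).
  sandbox::TargetPolicy *mPolicy;
};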

} // mozilla

#endif