diff options
Diffstat (limited to 'sandbox/win/tools/launcher/launcher.cc')
| -rw-r--r-- | sandbox/win/tools/launcher/launcher.cc | 156 |
1 files changed, 0 insertions, 156 deletions
diff --git a/sandbox/win/tools/launcher/launcher.cc b/sandbox/win/tools/launcher/launcher.cc deleted file mode 100644 index efcc4a43cc..0000000000 --- a/sandbox/win/tools/launcher/launcher.cc +++ /dev/null @@ -1,156 +0,0 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "sandbox/win/src/restricted_token_utils.h" - -// launcher.exe is an application used to launch another application with a -// restricted token. This is to be used for testing only. -// The parameters are the level of security of the primary token, the -// impersonation token and the job object along with the command line to -// execute. -// See the usage (launcher.exe without parameters) for the correct format. - -#define PARAM_IS(y) (argc > i) && (_wcsicmp(argv[i], y) == 0) - -void PrintUsage(const wchar_t *application_name) { - wprintf(L"\n\nUsage: \n %ls --main level --init level --job level cmd_line ", - application_name); - wprintf(L"\n\n Levels : \n\tLOCKDOWN \n\tRESTRICTED " - L"\n\tLIMITED_USER \n\tINTERACTIVE_USER \n\tNON_ADMIN \n\tUNPROTECTED"); - wprintf(L"\n\n main: Security level of the main token"); - wprintf(L"\n init: Security level of the impersonation token"); - wprintf(L"\n job: Security level of the job object"); -} - -bool GetTokenLevelFromString(const wchar_t *param, - sandbox::TokenLevel* level) { - if (_wcsicmp(param, L"LOCKDOWN") == 0) { - *level = sandbox::USER_LOCKDOWN; - } else if (_wcsicmp(param, L"RESTRICTED") == 0) { - *level = sandbox::USER_RESTRICTED; - } else if (_wcsicmp(param, L"LIMITED_USER") == 0) { - *level = sandbox::USER_LIMITED; - } else if (_wcsicmp(param, L"INTERACTIVE_USER") == 0) { - *level = sandbox::USER_INTERACTIVE; - } else if (_wcsicmp(param, L"NON_ADMIN") == 0) { - *level = sandbox::USER_NON_ADMIN; - } else if (_wcsicmp(param, L"USER_RESTRICTED_SAME_ACCESS") == 0) { - *level = sandbox::USER_RESTRICTED_SAME_ACCESS; - } else if (_wcsicmp(param, L"UNPROTECTED") == 0) { - *level = sandbox::USER_UNPROTECTED; - } else { - return false; - } - - return true; -} - -bool GetJobLevelFromString(const wchar_t *param, sandbox::JobLevel* level) { - if (_wcsicmp(param, L"LOCKDOWN") == 0) { - *level = sandbox::JOB_LOCKDOWN; - } else if (_wcsicmp(param, L"RESTRICTED") == 0) { - *level = sandbox::JOB_RESTRICTED; - } else if (_wcsicmp(param, L"LIMITED_USER") == 0) { - *level = sandbox::JOB_LIMITED_USER; - } else if (_wcsicmp(param, L"INTERACTIVE_USER") == 0) { - *level = sandbox::JOB_INTERACTIVE; - } else if (_wcsicmp(param, L"NON_ADMIN") == 0) { - wprintf(L"\nNON_ADMIN is not a supported job type"); - return false; - } else if (_wcsicmp(param, L"UNPROTECTED") == 0) { - *level = sandbox::JOB_UNPROTECTED; - } else { - return false; - } - - return true; -} - -int wmain(int argc, wchar_t *argv[]) { - // Extract the filename from the path. - wchar_t *app_name = wcsrchr(argv[0], L'\\'); - if (!app_name) { - app_name = argv[0]; - } else { - app_name++; - } - - // no argument - if (argc == 1) { - PrintUsage(app_name); - return -1; - } - - sandbox::TokenLevel primary_level = sandbox::USER_LOCKDOWN; - sandbox::TokenLevel impersonation_level = - sandbox::USER_RESTRICTED_SAME_ACCESS; - sandbox::JobLevel job_level = sandbox::JOB_LOCKDOWN; - ATL::CString command_line; - - // parse command line. - for (int i = 1; i < argc; ++i) { - if (PARAM_IS(L"--main")) { - i++; - if (argc > i) { - if (!GetTokenLevelFromString(argv[i], &primary_level)) { - wprintf(L"\nAbord, Unrecognized main token level \"%ls\"", argv[i]); - PrintUsage(app_name); - return -1; - } - } - } else if (PARAM_IS(L"--init")) { - i++; - if (argc > i) { - if (!GetTokenLevelFromString(argv[i], &impersonation_level)) { - wprintf(L"\nAbord, Unrecognized init token level \"%ls\"", argv[i]); - PrintUsage(app_name); - return -1; - } - } - } else if (PARAM_IS(L"--job")) { - i++; - if (argc > i) { - if (!GetJobLevelFromString(argv[i], &job_level)) { - wprintf(L"\nAbord, Unrecognized job security level \"%ls\"", argv[i]); - PrintUsage(app_name); - return -1; - } - } - } else { - if (command_line.GetLength()) { - command_line += L' '; - } - command_line += argv[i]; - } - } - - if (!command_line.GetLength()) { - wprintf(L"\nAbord, No command line specified"); - PrintUsage(app_name); - return -1; - } - - wprintf(L"\nLaunching command line: \"%ls\"\n", command_line.GetBuffer()); - - HANDLE job_handle; - DWORD err_code = sandbox::StartRestrictedProcessInJob( - command_line.GetBuffer(), - primary_level, - impersonation_level, - job_level, - &job_handle); - if (ERROR_SUCCESS != err_code) { - wprintf(L"\nAbord, Error %d while launching command line.", err_code); - return -1; - } - - wprintf(L"\nPress any key to continue."); - while(!_kbhit()) { - Sleep(100); - } - - ::CloseHandle(job_handle); - - return 0; -} |