sandbox/win/tools/launcher/launcher.cc

   1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "sandbox/win/src/restricted_token_utils.h"
   6
   7 // launcher.exe is an application used to launch another application with a
   8 // restricted token. This is to be used for testing only.
   9 // The parameters are the level of security of the primary token, the
  10 // impersonation token and the job object along with the command line to
  11 // execute.
  12 // See the usage (launcher.exe without parameters) for the correct format.
  13
  14 #define PARAM_IS(y) (argc > i) && (_wcsicmp(argv[i], y) == 0)
  15
  16 void PrintUsage(const wchar_t *application_name) {
  17   wprintf(L"\n\nUsage: \n  %ls --main level --init level --job level cmd_line ",
  18           application_name);
  19   wprintf(L"\n\n  Levels : \n\tLOCKDOWN \n\tRESTRICTED "
  20       L"\n\tLIMITED_USER \n\tINTERACTIVE_USER \n\tNON_ADMIN \n\tUNPROTECTED");
  21   wprintf(L"\n\n  main: Security level of the main token");
  22   wprintf(L"\n  init: Security level of the impersonation token");
  23   wprintf(L"\n  job: Security level of the job object");
  24 }
  25
  26 bool GetTokenLevelFromString(const wchar_t *param,
  27                              sandbox::TokenLevel* level) {
  28   if (_wcsicmp(param, L"LOCKDOWN") == 0) {
  29     *level = sandbox::USER_LOCKDOWN;
  30   } else if (_wcsicmp(param, L"RESTRICTED") == 0) {
  31     *level = sandbox::USER_RESTRICTED;
  32   } else if (_wcsicmp(param, L"LIMITED_USER") == 0) {
  33     *level = sandbox::USER_LIMITED;
  34   } else if (_wcsicmp(param, L"INTERACTIVE_USER") == 0) {
  35     *level = sandbox::USER_INTERACTIVE;
  36   } else if (_wcsicmp(param, L"NON_ADMIN") == 0) {
  37     *level = sandbox::USER_NON_ADMIN;
  38   } else if (_wcsicmp(param, L"USER_RESTRICTED_SAME_ACCESS") == 0) {
  39     *level = sandbox::USER_RESTRICTED_SAME_ACCESS;
  40   } else if (_wcsicmp(param, L"UNPROTECTED") == 0) {
  41     *level = sandbox::USER_UNPROTECTED;
  42   } else {
  43     return false;
  44   }
  45
  46   return true;
  47 }
  48
  49 bool GetJobLevelFromString(const wchar_t *param, sandbox::JobLevel* level) {
  50   if (_wcsicmp(param, L"LOCKDOWN") == 0) {
  51     *level = sandbox::JOB_LOCKDOWN;
  52   } else if (_wcsicmp(param, L"RESTRICTED") == 0) {
  53     *level = sandbox::JOB_RESTRICTED;
  54   } else if (_wcsicmp(param, L"LIMITED_USER") == 0) {
  55     *level = sandbox::JOB_LIMITED_USER;
  56   } else if (_wcsicmp(param, L"INTERACTIVE_USER") == 0) {
  57     *level = sandbox::JOB_INTERACTIVE;
  58   } else if (_wcsicmp(param, L"NON_ADMIN") == 0) {
  59     wprintf(L"\nNON_ADMIN is not a supported job type");
  60     return false;
  61   } else if (_wcsicmp(param, L"UNPROTECTED") == 0) {
  62     *level = sandbox::JOB_UNPROTECTED;
  63   } else {
  64     return false;
  65   }
  66
  67   return true;
  68 }
  69
  70 int wmain(int argc, wchar_t *argv[]) {
  71   // Extract the filename from the path.
  72   wchar_t *app_name = wcsrchr(argv[0], L'\\');
  73   if (!app_name) {
  74     app_name = argv[0];
  75   } else {
  76     app_name++;
  77   }
  78
  79   // no argument
  80   if (argc == 1) {
  81     PrintUsage(app_name);
  82     return -1;
  83   }
  84
  85   sandbox::TokenLevel primary_level = sandbox::USER_LOCKDOWN;
  86   sandbox::TokenLevel impersonation_level =
  87       sandbox::USER_RESTRICTED_SAME_ACCESS;
  88   sandbox::JobLevel job_level = sandbox::JOB_LOCKDOWN;
  89   ATL::CString command_line;
  90
  91   // parse command line.
  92   for (int i = 1; i < argc; ++i) {
  93     if (PARAM_IS(L"--main")) {
  94       i++;
  95       if (argc > i) {
  96         if (!GetTokenLevelFromString(argv[i], &primary_level)) {
  97           wprintf(L"\nAbord, Unrecognized main token level \"%ls\"", argv[i]);
  98           PrintUsage(app_name);
  99           return -1;
 100         }
 101       }
 102     } else if (PARAM_IS(L"--init")) {
 103       i++;
 104       if (argc > i) {
 105         if (!GetTokenLevelFromString(argv[i], &impersonation_level)) {
 106           wprintf(L"\nAbord, Unrecognized init token level \"%ls\"", argv[i]);
 107           PrintUsage(app_name);
 108           return -1;
 109         }
 110       }
 111     } else if (PARAM_IS(L"--job")) {
 112       i++;
 113       if (argc > i) {
 114         if (!GetJobLevelFromString(argv[i], &job_level)) {
 115           wprintf(L"\nAbord, Unrecognized job security level \"%ls\"", argv[i]);
 116           PrintUsage(app_name);
 117           return -1;
 118         }
 119       }
 120     } else {
 121       if (command_line.GetLength()) {
 122         command_line += L' ';
 123       }
 124       command_line += argv[i];
 125     }
 126   }
 127
 128   if (!command_line.GetLength()) {
 129     wprintf(L"\nAbord, No command line specified");
 130     PrintUsage(app_name);
 131     return -1;
 132   }
 133
 134   wprintf(L"\nLaunching command line: \"%ls\"\n", command_line.GetBuffer());
 135
 136   HANDLE job_handle;
 137   DWORD err_code = sandbox::StartRestrictedProcessInJob(
 138       command_line.GetBuffer(),
 139       primary_level,
 140       impersonation_level,
 141       job_level,
 142       &job_handle);
 143   if (ERROR_SUCCESS != err_code) {
 144     wprintf(L"\nAbord, Error %d while launching command line.", err_code);
 145     return -1;
 146   }
 147
 148   wprintf(L"\nPress any key to continue.");
 149   while(!_kbhit()) {
 150     Sleep(100);
 151   }
 152
 153   ::CloseHandle(job_handle);
 154
 155   return 0;
 156 }