Add ICU message format support
[chromium-blink-merge.git] / sandbox / win / src / restricted_token_utils.h
blobb4e4fded95604b1167b3bad6d3c206478cb129c3
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
6 #define SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__
8 #include <accctrl.h>
9 #include <windows.h>
11 #include "base/win/scoped_handle.h"
12 #include "sandbox/win/src/restricted_token.h"
13 #include "sandbox/win/src/security_level.h"
15 // Contains the utility functions to be able to create restricted tokens based
16 // on a security profiles.
18 namespace sandbox {
20 // The type of the token returned by the CreateNakedToken.
21 enum TokenType {
22 IMPERSONATION = 0,
23 PRIMARY
26 // Creates a restricted token based on the effective token of the current
27 // process. The parameter security_level determines how much the token is
28 // restricted. The token_type determines if the token will be used as a primary
29 // token or impersonation token. The integrity level of the token is set to
30 // |integrity level| on Vista only.
31 // |token| is the output value containing the handle of the newly created
32 // restricted token.
33 // If the function succeeds, the return value is ERROR_SUCCESS. If the
34 // function fails, the return value is the win32 error code corresponding to
35 // the error.
36 DWORD CreateRestrictedToken(TokenLevel security_level,
37 IntegrityLevel integrity_level,
38 TokenType token_type,
39 base::win::ScopedHandle* token);
41 // Sets the integrity label on a object handle.
42 DWORD SetObjectIntegrityLabel(HANDLE handle, SE_OBJECT_TYPE type,
43 const wchar_t* ace_access,
44 const wchar_t* integrity_level_sid);
46 // Sets the integrity level on a token. This is only valid on Vista. It returns
47 // without failing on XP. If the integrity level that you specify is greater
48 // than the current integrity level, the function will fail.
49 DWORD SetTokenIntegrityLevel(HANDLE token, IntegrityLevel integrity_level);
51 // Returns the integrity level SDDL string associated with a given
52 // IntegrityLevel value.
53 const wchar_t* GetIntegrityLevelString(IntegrityLevel integrity_level);
55 // Sets the integrity level on the current process on Vista. It returns without
56 // failing on XP. If the integrity level that you specify is greater than the
57 // current integrity level, the function will fail.
58 DWORD SetProcessIntegrityLevel(IntegrityLevel integrity_level);
60 // Hardens the integrity level policy on a token. This is only valid on Win 7
61 // and above. Specifically it sets the policy to block read and execute so
62 // that a lower privileged process cannot open the token for impersonate or
63 // duplicate permissions. This should limit potential security holes.
64 DWORD HardenTokenIntegrityLevelPolicy(HANDLE token);
66 // Hardens the integrity level policy on the current process. This is only
67 // valid on Win 7 and above. Specifically it sets the policy to block read
68 // and execute so that a lower privileged process cannot open the token for
69 // impersonate or duplicate permissions. This should limit potential security
70 // holes.
71 DWORD HardenProcessIntegrityLevelPolicy();
73 } // namespace sandbox
75 #endif // SANDBOX_SRC_RESTRICTED_TOKEN_UTILS_H__