1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include <windows.h>
6 
7 #define _ATL_NO_EXCEPTIONS
8 #include <atlbase.h>
9 #include <atlsecurity.h>
10 
11 #include "base/strings/string16.h"
12 #include "base/win/scoped_handle.h"
13 #include "base/win/windows_version.h"
14 #include "sandbox/win/src/sync_policy_test.h"
15 #include "testing/gtest/include/gtest/gtest.h"
16 
17 namespace {
18 
// Name passed to InstallAppContainer() together with kAppContainerSid.
const wchar_t kAppContainerName[] = L"sbox_test";
// String form of the AppContainer SID that the tests install through the
// broker and apply to the policy. S-1-15-2 is the Windows app-package SID
// prefix; capability SIDs, as used by the event tests, start with S-1-15-3.
const wchar_t kAppContainerSid[] =
    L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-"
    L"924012148-2839372144";

// Sharing mode for the scratch file opened in CreateTaggedEvent().
// FILE_SHARE_DELETE is what allows that file to be deleted while the handle
// used to read its security descriptor is still open.
const ULONG kSharing = FILE_SHARE_WRITE | FILE_SHARE_READ | FILE_SHARE_DELETE;
25 
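// Creates a named auto-reset event (initially non-signaled) whose DACL is the
// DACL of a freshly created temporary file plus one allow ACE that grants
// EVENT_ALL_ACCESS to |sid| (a SID in string form). Returns the event handle,
// which the caller owns, or NULL if any step fails.
//
// NOTE(review): CreateEvent() opens the existing object when |name| is already
// in use, in which case this helper rewrites the DACL of an event it did not
// create. The callers in this file pass the fixed name "test"; confirm nothing
// else can hold an event of that name while the tests run, or reject
// ERROR_ALREADY_EXISTS here.
HANDLE CreateTaggedEvent(const string16& name, const string16& sid) {
  base::win::ScopedHandle event(CreateEvent(NULL, FALSE, FALSE, name.c_str()));
  if (!event.IsValid())
    return NULL;

  // A scratch file is created only to borrow the security descriptor that the
  // current user gets by default. Fail early instead of handing an empty or
  // truncated path to the next call.
  wchar_t temp_directory[MAX_PATH] = {};
  const DWORD temp_length = GetTempPath(MAX_PATH, temp_directory);
  if (temp_length == 0 || temp_length >= MAX_PATH)
    return NULL;

  wchar_t file_name[MAX_PATH] = {};
  if (!GetTempFileName(temp_directory, L"test", 0, file_name))
    return NULL;

  base::win::ScopedHandle file;
  file.Set(CreateFile(file_name, GENERIC_READ | STANDARD_RIGHTS_READ, kSharing,
                      NULL, OPEN_EXISTING, 0, NULL));
  // Best-effort cleanup; kSharing includes FILE_SHARE_DELETE, so the delete is
  // issued while the handle (if any) is still open.
  DeleteFile(file_name);
  if (!file.IsValid())
    return NULL;

  CSecurityDesc sd;
  if (!AtlGetSecurityDescriptor(file.Get(), SE_FILE_OBJECT, &sd,
                                OWNER_SECURITY_INFORMATION |
                                    GROUP_SECURITY_INFORMATION |
                                    DACL_SECURITY_INFORMATION)) {
    return NULL;
  }

  // Without this check a failed GetDacl() would go unnoticed and the event
  // would receive a DACL built from whatever |new_dacl| held by default plus
  // the new ACE, not the file's DACL plus the new ACE.
  CDacl new_dacl;
  if (!sd.GetDacl(&new_dacl))
    return NULL;

  // |local_sid| is allocated by ConvertStringSidToSid() and must be released
  // with LocalFree() on every path below.
  PSID local_sid = NULL;
  if (!ConvertStringSidToSid(sid.c_str(), &local_sid))
    return NULL;

  CSid csid(reinterpret_cast<SID*>(local_sid));
  const bool ace_added = new_dacl.AddAllowedAce(csid, EVENT_ALL_ACCESS);
  // Closing the event makes the function return NULL rather than an event
  // that lacks the requested ACE.
  if (!ace_added || !AtlSetDacl(event.Get(), SE_KERNEL_OBJECT, new_dacl))
    event.Close();

  LocalFree(local_sid);
  return event.IsValid() ? event.Take() : NULL;
}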
65 
66 }  // namespace
67 
68 namespace sandbox {
69 
// Positive case: the event's DACL grants access to a capability SID and the
// policy is given both the AppContainer SID and that same capability, so the
// child's "Event_Open f test" command is expected to succeed.
TEST(AppContainerTest, AllowOpenEvent) {
  // The test body is skipped on anything older than Windows 8.
  const bool is_win8_or_later =
      base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_WIN8;
  if (!is_win8_or_later)
    return;

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);

  // The same capability SID is put on the event and, below, on the policy.
  const wchar_t capability_sid[] = L"S-1-15-3-12345678-87654321";
  base::win::ScopedHandle tagged_event(
      CreateTaggedEvent(L"test", capability_sid));
  ASSERT_TRUE(tagged_event.IsValid());

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->InstallAppContainer(kAppContainerSid,
                                                      kAppContainerName));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetCapability(capability_sid));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));

  // First run uses the runner's default test state.
  EXPECT_EQ(SBOX_TEST_SUCCEEDED, test_runner.RunTest(L"Event_Open f test"));

  // Second run repeats the command with the state set to BEFORE_REVERT.
  test_runner.SetTestState(BEFORE_REVERT);
  EXPECT_EQ(SBOX_TEST_SUCCEEDED, test_runner.RunTest(L"Event_Open f test"));

  // EXPECT_* failures are non-fatal, so the container is uninstalled even
  // when an expectation above fails.
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->UninstallAppContainer(kAppContainerSid));
}
93 
// Negative case: the event's DACL grants access to a capability SID, but the
// policy is given only the AppContainer SID (no SetCapability() call), so the
// child's "Event_Open f test" command is expected to be denied.
TEST(AppContainerTest, DenyOpenEvent) {
  // The test body is skipped on anything older than Windows 8.
  const bool is_win8_or_later =
      base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_WIN8;
  if (!is_win8_or_later)
    return;

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_UNPROTECTED);

  // Only the event carries this capability; the policy never receives it.
  const wchar_t capability_sid[] = L"S-1-15-3-12345678-87654321";
  base::win::ScopedHandle tagged_event(
      CreateTaggedEvent(L"test", capability_sid));
  ASSERT_TRUE(tagged_event.IsValid());

  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->InstallAppContainer(kAppContainerSid,
                                                      kAppContainerName));
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));

  // First run uses the runner's default test state.
  EXPECT_EQ(SBOX_TEST_DENIED, test_runner.RunTest(L"Event_Open f test"));

  // Second run repeats the command with the state set to BEFORE_REVERT.
  test_runner.SetTestState(BEFORE_REVERT);
  EXPECT_EQ(SBOX_TEST_DENIED, test_runner.RunTest(L"Event_Open f test"));

  // EXPECT_* failures are non-fatal, so the container is uninstalled even
  // when an expectation above fails.
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.broker()->UninstallAppContainer(kAppContainerSid));
}
116 
// SetAppContainer() is expected to succeed when the runner is built with
// USER_LIMITED for both token-level arguments.
// NOTE(review): going by the test name, equal levels presumably mean the
// target never has to impersonate; confirm against TestRunner.
TEST(AppContainerTest, NoImpersonation) {
  // The test body is skipped on anything older than Windows 8.
  const bool is_win8_or_later =
      base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_WIN8;
  if (!is_win8_or_later)
    return;

  TestRunner test_runner(JOB_UNPROTECTED, USER_LIMITED, USER_LIMITED);
  EXPECT_EQ(SBOX_ALL_OK,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
124 
// SetAppContainer() is expected to be rejected with
// SBOX_ERROR_CANNOT_INIT_APPCONTAINER when the two token-level arguments
// differ (USER_UNPROTECTED and USER_NON_ADMIN).
// NOTE(review): going by the test name, differing levels presumably imply the
// target starts out impersonating; confirm against TestRunner.
TEST(AppContainerTest, WantsImpersonation) {
  // The test body is skipped on anything older than Windows 8.
  const bool is_win8_or_later =
      base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_WIN8;
  if (!is_win8_or_later)
    return;

  TestRunner test_runner(JOB_UNPROTECTED, USER_UNPROTECTED, USER_NON_ADMIN);
  EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
133 
// SetAppContainer() is expected to be rejected with
// SBOX_ERROR_CANNOT_INIT_APPCONTAINER when both token-level arguments are
// USER_RESTRICTED.
// NOTE(review): going by the test name, USER_RESTRICTED presumably cannot
// start without impersonation; confirm against the token-level definitions.
TEST(AppContainerTest, RequiresImpersonation) {
  // The test body is skipped on anything older than Windows 8.
  const bool is_win8_or_later =
      base::win::OSInfo::GetInstance()->version() >= base::win::VERSION_WIN8;
  if (!is_win8_or_later)
    return;

  TestRunner test_runner(JOB_UNPROTECTED, USER_RESTRICTED, USER_RESTRICTED);
  EXPECT_EQ(SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
            test_runner.GetPolicy()->SetAppContainer(kAppContainerSid));
}
142 
143 }  // namespace sandbox
144