Revert 93113 - Add a sandbox API to allow closing open handles at loc…

…kdown. Reverting on suspicion that it's related to NaCl test breakage. BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7462003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93128 0039d316-1c4b-4281-b951-d872f2087c98
Denger-Network · Jul 19, 2011 · 6f57e1f · 6f57e1f
1 parent 8b42f25
commit 6f57e1f
Show file tree

Hide file tree

Showing 12 changed files with 9 additions and 620 deletions.
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc
@@ -194,41 +194,6 @@ void AddDllEvictionPolicy(sandbox::TargetPolicy* policy) {
     BlacklistAddOneDll(kTroublesomeDlls[ix], policy);
 }
 
-// Returns the object path prepended with the current logon session.
-string16 PrependWindowsSessionPath(const char16* object) {
-  // Cache this because it can't change after process creation.
-  static string16* session_prefix = NULL;
-  if (!session_prefix) {
-    HANDLE token;
-    DWORD session_id;
-    DWORD session_id_length;
-
-    CHECK(::OpenProcessToken(::GetCurrentProcess(), TOKEN_QUERY, &token));
-    CHECK(::GetTokenInformation(token, TokenSessionId, &session_id,
-        sizeof(session_id), &session_id_length));
-    CloseHandle(token);
-
-    session_prefix = new string16(base::StringPrintf(L"\\Sessions\\%d",
-        session_id));
-  }
-
-  return *session_prefix + object;
-}
-
-// Closes handles that are opened at process creation and initialization.
-void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) {
-  // Being able to manipulate anything BaseNamedObjects is bad.
-  policy->AddKernelObjectToClose(L"Directory", PrependWindowsSessionPath(
-      L"\\BaseNamedObjects").data());
-  policy->AddKernelObjectToClose(L"Section", PrependWindowsSessionPath(
-      L"\\BaseNamedObjects\\windows_shell_global_counters").data());
-}
-
-void AddStrictHandleClosePolicy(sandbox::TargetPolicy* policy) {
-  // This is loaded when rand_s is seeded, but not needed again.
-  policy->AddKernelObjectToClose(L"File", L"\\Device\\KsecDD");
-}
-
 // Adds the generic policy rules to a sandbox TargetPolicy.
 bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
   sandbox::ResultCode result;
@@ -314,7 +279,6 @@ void AddPolicyForRenderer(sandbox::TargetPolicy* policy) {
   }
 
   AddDllEvictionPolicy(policy);
-  AddBaseHandleClosePolicy(policy);
 }
 
 // The Pepper process as locked-down as a renderer execpt that it can
@@ -450,8 +414,6 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
       return 0;
   } else {
     AddPolicyForRenderer(policy);
-    if (type == ChildProcessInfo::RENDER_PROCESS)
-      AddStrictHandleClosePolicy(policy);
 
     if (type_str != switches::kRendererProcess) {
       // Hack for Google Desktop crash. Trick GD into not injecting its DLL into

diff --git a/sandbox/sandbox.gyp b/sandbox/sandbox.gyp
@@ -33,10 +33,6 @@
             'src/filesystem_interception.h',
             'src/filesystem_policy.cc',
             'src/filesystem_policy.h',
-            'src/handle_closer.cc',
-            'src/handle_closer.h',
-            'src/handle_closer_agent.cc',
-            'src/handle_closer_agent.h',
             'src/handle_table.cc',
             'src/handle_table.h',
             'src/interception.cc',
@@ -287,7 +283,6 @@
             'src/dep_test.cc',
             'src/file_policy_test.cc',
             'tests/integration_tests/integration_tests_test.cc',
-            'src/handle_closer_test.cc',
             'src/integrity_level_test.cc',
             'src/ipc_ping_test.cc',
             'src/named_pipe_policy_test.cc',

diff --git a/sandbox/src/handle_closer.cc b/sandbox/src/handle_closer.cc
diff --git a/sandbox/src/handle_closer.h b/sandbox/src/handle_closer.h