      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef SANDBOX_SRC_HANDLE_POLICY_H_
      6 #define SANDBOX_SRC_HANDLE_POLICY_H_
      7 
      8 #include <string>
      9 
     10 #include "base/basictypes.h"
     11 #include "sandbox/win/src/crosscall_server.h"
     12 #include "sandbox/win/src/policy_low_level.h"
     13 #include "sandbox/win/src/sandbox_policy.h"
     14 
     15 namespace sandbox {
     16 
     17 enum EvalResult;  // Forward declaration; enumerators are defined elsewhere.
        // NOTE(review): declaring an unscoped enum without a fixed underlying
        // type is not standard C++; it relies on a compiler extension (MSVC
        // accepts it), so this header is presumably built for Windows only.
     18 
     19 // This class centralizes most of the knowledge related to handle policy.
        // Both members are static; the class declares no instance state.
     20 class HandlePolicy {
     21  public:
     22   // Creates the required low-level policy rules to evaluate a high-level
     23   // policy rule for handles, in particular duplicate action.
          // |policy| presumably receives the generated rules, and the bool result
          // presumably reports whether rule creation succeeded -- confirm against
          // the definition.
          // NOTE(review): |type_name| looks like the name of the handle's object
          // type that the rule applies to -- confirm with callers.
     24   static bool GenerateRules(const wchar_t* type_name,
     25                             TargetPolicy::Semantics semantics,
     26                             LowLevelPolicy* policy);
     27 
     28   // Processes a 'TargetPolicy::DuplicateHandle()' request from the target.
          // NOTE(review): because the request comes from the target,
          // |source_handle|, |target_process_id|, |desired_access| and |options|
          // are presumably target-supplied and should be treated as untrusted; the
          // definition is expected to honour |eval_result| before duplicating
          // anything -- confirm against the definition.
          // |target_handle| is an out-pointer, presumably receiving the duplicated
          // handle; the DWORD result is presumably a Win32 error code -- confirm.
          // NOTE(review): the target-side call may be declared on TargetServices
          // rather than TargetPolicy -- confirm against the public sandbox headers.
     29   static DWORD DuplicateHandleProxyAction(EvalResult eval_result,
     30                                           const ClientInfo& client_info,
     31                                           HANDLE source_handle,
     32                                           DWORD target_process_id,
     33                                           HANDLE* target_handle,
     34                                           DWORD desired_access,
     35                                           DWORD options);
     36 };
     37 
     38 }  // namespace sandbox
     39 
     40 #endif  // SANDBOX_SRC_HANDLE_POLICY_H_
     41 
     42