mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 08:15:31 +00:00
Bug 1344453 Part 1: Allow a special all paths rule in the Windows process sandbox when using semantics FILES_ALLOW_READONLY. r=jimm
This also changes the read only related status checks in filesystem_interception.cc to include STATUS_NETWORK_OPEN_RESTRICTION (0xC0000201), which gets returned in some cases and fails because we never ask the broker.
This commit is contained in:
parent
7b1f32af65
commit
0ee38abf35
@ -16,6 +16,10 @@
|
||||
#include "sandbox/win/src/target_services.h"
|
||||
#include "mozilla/sandboxing/sandboxLogging.h"
|
||||
|
||||
// This status occurs when trying to access a network share on the machine from
|
||||
// which it is shared.
|
||||
#define STATUS_NETWORK_OPEN_RESTRICTION ((NTSTATUS)0xC0000201L)
|
||||
|
||||
namespace sandbox {
|
||||
|
||||
NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
|
||||
@ -31,7 +35,8 @@ NTSTATUS WINAPI TargetNtCreateFile(NtCreateFileFunction orig_CreateFile,
|
||||
io_status, allocation_size,
|
||||
file_attributes, sharing, disposition,
|
||||
options, ea_buffer, ea_length);
|
||||
if (STATUS_ACCESS_DENIED != status)
|
||||
if (STATUS_ACCESS_DENIED != status &&
|
||||
STATUS_NETWORK_OPEN_RESTRICTION != status)
|
||||
return status;
|
||||
|
||||
mozilla::sandboxing::LogBlocked("NtCreateFile",
|
||||
@ -111,7 +116,8 @@ NTSTATUS WINAPI TargetNtOpenFile(NtOpenFileFunction orig_OpenFile, PHANDLE file,
|
||||
// Check if the process can open it first.
|
||||
NTSTATUS status = orig_OpenFile(file, desired_access, object_attributes,
|
||||
io_status, sharing, options);
|
||||
if (STATUS_ACCESS_DENIED != status)
|
||||
if (STATUS_ACCESS_DENIED != status &&
|
||||
STATUS_NETWORK_OPEN_RESTRICTION != status)
|
||||
return status;
|
||||
|
||||
mozilla::sandboxing::LogBlocked("NtOpenFile",
|
||||
@ -187,7 +193,8 @@ NTSTATUS WINAPI TargetNtQueryAttributesFile(
|
||||
PFILE_BASIC_INFORMATION file_attributes) {
|
||||
// Check if the process can query it first.
|
||||
NTSTATUS status = orig_QueryAttributes(object_attributes, file_attributes);
|
||||
if (STATUS_ACCESS_DENIED != status)
|
||||
if (STATUS_ACCESS_DENIED != status &&
|
||||
STATUS_NETWORK_OPEN_RESTRICTION != status)
|
||||
return status;
|
||||
|
||||
mozilla::sandboxing::LogBlocked("NtQueryAttributesFile",
|
||||
@ -249,7 +256,8 @@ NTSTATUS WINAPI TargetNtQueryFullAttributesFile(
|
||||
// Check if the process can query it first.
|
||||
NTSTATUS status = orig_QueryFullAttributes(object_attributes,
|
||||
file_attributes);
|
||||
if (STATUS_ACCESS_DENIED != status)
|
||||
if (STATUS_ACCESS_DENIED != status &&
|
||||
STATUS_NETWORK_OPEN_RESTRICTION != status)
|
||||
return status;
|
||||
|
||||
mozilla::sandboxing::LogBlocked("NtQueryFullAttributesFile",
|
||||
|
@ -82,7 +82,11 @@ bool FileSystemPolicy::GenerateRules(const wchar_t* name,
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!PreProcessName(&mod_name)) {
|
||||
// Don't pre-process the path name and check for reparse points if it is the
|
||||
// special case of allowing read access to all paths.
|
||||
if (!(semantics == TargetPolicy::FILES_ALLOW_READONLY
|
||||
&& mod_name.compare(L"*") == 0)
|
||||
&& !PreProcessName(&mod_name)) {
|
||||
// The path to be added might contain a reparse point.
|
||||
NOTREACHED();
|
||||
return false;
|
||||
|
@ -5,4 +5,5 @@ https://hg.mozilla.org/mozilla-central/rev/a05726163a79
|
||||
https://hg.mozilla.org/mozilla-central/rev/e834e810a3fa
|
||||
https://hg.mozilla.org/mozilla-central/rev/c70d06fa5302
|
||||
https://hg.mozilla.org/mozilla-central/rev/d24db55deb85
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=1321724 bug1321724.patch
|
||||
https://hg.mozilla.org/mozilla-central/rev/0e6bf137521e
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=1344453 bug1344453part1.patch
|
||||
|
Loading…
Reference in New Issue
Block a user