blob: b698cc1200fd057f35d39173d665660ff0e4d602 [file] [log] [blame]
// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <windows.h>
#include <atlsecurity.h>
#include "base/process/process_info.h"
#include "base/win/access_token.h"
#include "base/win/windows_version.h"
#include "sandbox/win/src/sandbox.h"
#include "sandbox/win/src/sandbox_factory.h"
#include "sandbox/win/src/sandbox_policy.h"
#include "sandbox/win/tests/common/controller.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/abseil-cpp/absl/types/optional.h"
namespace sandbox {
SBOX_TESTS_COMMAND int CheckUntrustedIntegrityLevel(int argc, wchar_t** argv) {
return (base::GetCurrentProcessIntegrityLevel() == base::UNTRUSTED_INTEGRITY)
? SBOX_TEST_SUCCEEDED
: SBOX_TEST_FAILED;
}
SBOX_TESTS_COMMAND int CheckLowIntegrityLevel(int argc, wchar_t** argv) {
return (base::GetCurrentProcessIntegrityLevel() == base::LOW_INTEGRITY)
? SBOX_TEST_SUCCEEDED
: SBOX_TEST_FAILED;
}
SBOX_TESTS_COMMAND int CheckIntegrityLevel(int argc, wchar_t** argv) {
absl::optional<base::win::AccessToken> token =
base::win::AccessToken::FromEffective();
if (!token)
return SBOX_TEST_FAILED;
if (token->IntegrityLevel() == SECURITY_MANDATORY_LOW_RID)
return SBOX_TEST_SUCCEEDED;
return SBOX_TEST_DENIED;
}
std::unique_ptr<TestRunner> LowILRealRunner() {
auto runner = std::make_unique<TestRunner>(JOB_LOCKDOWN, USER_INTERACTIVE,
USER_INTERACTIVE);
runner->SetTimeout(INFINITE);
runner->GetPolicy()->SetAlternateDesktop(true);
runner->GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
return runner;
}
TEST(IntegrityLevelTest, TestLowILReal) {
auto runner = LowILRealRunner();
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner->RunTest(L"CheckIntegrityLevel"));
runner = LowILRealRunner();
runner->SetTestState(BEFORE_REVERT);
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner->RunTest(L"CheckIntegrityLevel"));
}
std::unique_ptr<TestRunner> LowILDelayedRunner() {
auto runner = std::make_unique<TestRunner>(JOB_LOCKDOWN, USER_INTERACTIVE,
USER_INTERACTIVE);
runner->SetTimeout(INFINITE);
runner->GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_LOW);
return runner;
}
TEST(DelayedIntegrityLevelTest, TestLowILDelayed) {
auto runner = LowILDelayedRunner();
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner->RunTest(L"CheckIntegrityLevel"));
runner = LowILDelayedRunner();
runner->SetTestState(BEFORE_REVERT);
EXPECT_EQ(SBOX_TEST_DENIED, runner->RunTest(L"CheckIntegrityLevel"));
}
TEST(IntegrityLevelTest, TestNoILChange) {
TestRunner runner(JOB_LOCKDOWN, USER_INTERACTIVE, USER_INTERACTIVE);
runner.SetTimeout(INFINITE);
EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"CheckIntegrityLevel"));
}
TEST(IntegrityLevelTest, TestUntrustedIL) {
TestRunner runner(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN);
runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
runner.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_UNTRUSTED);
runner.GetPolicy()->SetLockdownDefaultDacl();
runner.SetTimeout(INFINITE);
EXPECT_EQ(SBOX_TEST_SUCCEEDED,
runner.RunTest(L"CheckUntrustedIntegrityLevel"));
}
TEST(IntegrityLevelTest, TestLowIL) {
TestRunner runner(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN);
runner.GetPolicy()->SetIntegrityLevel(INTEGRITY_LEVEL_LOW);
runner.GetPolicy()->SetDelayedIntegrityLevel(INTEGRITY_LEVEL_LOW);
runner.GetPolicy()->SetLockdownDefaultDacl();
runner.SetTimeout(INFINITE);
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckLowIntegrityLevel"));
}
} // namespace sandbox