Add posibility to launch sandboxed process as other user
Reported by
lordprot...@gmail.com,
Jun 1 2018
|
||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36 Steps to reproduce the problem: Currently there is no way how to launch a Target from Broker under different user account. This might be useful in some cases, for example if the Broker is running as SYSTEM and you would like to spawn the Target under some arbitrary user account. Most of the code needed for this is already present at sandbox, what's missing is a way how a user can supply a token that should be used instead of effective token of the current process. What is the expected behavior? What went wrong? N/A Did this work before? No Chrome version: 67.0.3396.62 Channel: stable OS Version: 10.0 Flash Version:
,
Jun 1 2018
,
Jun 3 2018
,
Jun 4 2018
The issue seems to be a feature request. Hence, marking it as untriaged for further inputs from dev team. Thanks...!!
,
Jun 6 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/004b242274287c44a890f16357e20f89ca8ff59f commit 004b242274287c44a890f16357e20f89ca8ff59f Author: Richard Baranyi <lordprotector@gmail.com> Date: Wed Jun 06 19:05:04 2018 Add posibility to spawn target under different user's account Bug: 848861 Change-Id: I9e34aeca5ba01199f276a4d6fec76183eda0d40a Reviewed-on: https://chromium-review.googlesource.com/1082432 Commit-Queue: Will Harris <wfh@chromium.org> Reviewed-by: Will Harris <wfh@chromium.org> Cr-Commit-Position: refs/heads/master@{#564991} [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/policy_target_test.cc [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/restricted_token_utils.cc [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/restricted_token_utils.h [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/sandbox_policy.h [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/sandbox_policy_base.cc [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/sandbox/win/src/sandbox_policy_base.h [modify] https://crrev.com/004b242274287c44a890f16357e20f89ca8ff59f/services/service_manager/tests/sandbox/sandbox_win_unittest.cc |
||||
►
Sign in to add a comment |
||||
Comment 1 by wfh@chromium.org
, Jun 1 2018