[Windows] Remove Name from Anonymous Sections |
|
Issue descriptionIn order to fix crbug.com/338538 the shared memory implementation added a randomly generated name to anonymous sections as Windows didn't enforce a security descriptor on unnamed section objects. This was a problem due to the handles being duplicated into less privileged processes and would allow a section to be converted from read-only to writable. Due to some recent research I've discovered that Microsoft changed this behavior, at least in Windows 10 and potentially in Windows 8.X so that you can now specify a security descriptor for an anonymous section object. We should be able to remove the need for generating a name on any platform >= 8.X which would remove the spamming of the user's named objects directory with unnecessary names and would probably save some memory and performance. There's already a unit test for this behavior so we should be able to just not generate the name if the current windows version is 8.X or greater.
,
Sep 6
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/d497ee1dac843b3dab76aa89209baea0dde15daf commit d497ee1dac843b3dab76aa89209baea0dde15daf Author: James Forshaw <forshaw@chromium.org> Date: Thu Sep 06 22:15:40 2018 [Windows] Only generate a platform shared memory name if on < v8.1. This CL changes the creation of anonymous shared memory on Windows to remove name generation on versions < 8.1. This was originally added as Windows would ignore the security of an unnamed object on XP -> 7, however from at least Windows 8.1 this is no longer the case as we can create unnamed shared memory (which will reduce memory usage slightly as well as clutter in the user's named objects directory) while still enforcing the security requirements. While this is likely to work on Windows 8 it'll only be enforced for 8.1 and above due to a lack of testing for 8. This CL applies the same changes in shared_memory_win to the platform shared memory APIs which just copied the original implementation. Bug: 880064 Change-Id: I3c61c01823a78d09ac6d220b647b26a07821ab39 Reviewed-on: https://chromium-review.googlesource.com/1209603 Reviewed-by: Will Harris <wfh@chromium.org> Commit-Queue: James Forshaw <forshaw@chromium.org> Cr-Commit-Position: refs/heads/master@{#589335} [modify] https://crrev.com/d497ee1dac843b3dab76aa89209baea0dde15daf/base/memory/platform_shared_memory_region_win.cc |
|
►
Sign in to add a comment |
|
Comment 1 by bugdroid1@chromium.org
, Sep 5