Update to new stable branch 1750

This also includes an updated ninja and chromium dependencies
needed on Windows.

Change-Id: Icd597d80ed3fa4425933c9f1334c3c2e31291c42
Reviewed-by: Zoltan Arvai <zarvai@inf.u-szeged.hu>
Reviewed-by: Zeno Albisser <zeno.albisser@digia.com>

1 files changed, 23 insertions, 10 deletions

diff --git a/chromium/sandbox/win/src/window.cc b/chromium/sandbox/win/src/window.cc
index d8de9672726..6b5766b325b 100644
--- a/chromium/sandbox/win/src/window.cc
+++ b/chromium/sandbox/win/src/window.cc
@@ -8,6 +8,8 @@
 
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
+#include "sandbox/win/src/acl.h"
+#include "sandbox/win/src/sid.h"
 
 namespace {
 
@@ -46,14 +48,15 @@ ResultCode CreateAltWindowStation(HWINSTA* winsta) {
   *winsta = ::CreateWindowStationW(NULL, 0, WINSTA_ALL_ACCESS, &attributes);
   LocalFree(attributes.lpSecurityDescriptor);
 
-  if (*winsta)
+  if (*winsta) {
     return SBOX_ALL_OK;
+  }
 
   return SBOX_ERROR_CANNOT_CREATE_WINSTATION;
 }
 
 ResultCode CreateAltDesktop(HWINSTA winsta, HDESK* desktop) {
-  std::wstring desktop_name = L"sbox_alternate_desktop_";
+  base::string16 desktop_name = L"sbox_alternate_desktop_";
 
   // Append the current PID to the desktop name.
   wchar_t buffer[16];
@@ -94,20 +97,30 @@ ResultCode CreateAltDesktop(HWINSTA winsta, HDESK* desktop) {
     }
   }
 
-  if (*desktop)
+  if (*desktop) {
+    // Replace the DACL on the new Desktop with a reduced privilege version.
+    // We can soft fail on this for now, as it's just an extra mitigation.
+    static const ACCESS_MASK  kDesktopDenyMask = WRITE_DAC | WRITE_OWNER |
+                                                 DESKTOP_HOOKCONTROL |
+                                                 DESKTOP_JOURNALPLAYBACK |
+                                                 DESKTOP_JOURNALRECORD |
+                                                 DESKTOP_SWITCHDESKTOP;
+    AddKnownSidToObject(*desktop, SE_WINDOW_OBJECT, Sid(WinRestrictedCodeSid),
+                        DENY_ACCESS, kDesktopDenyMask);
     return SBOX_ALL_OK;
+  }
 
   return SBOX_ERROR_CANNOT_CREATE_DESKTOP;
 }
 
-std::wstring GetWindowObjectName(HANDLE handle) {
+base::string16 GetWindowObjectName(HANDLE handle) {
   // Get the size of the name.
   DWORD size = 0;
   ::GetUserObjectInformation(handle, UOI_NAME, NULL, 0, &size);
 
   if (!size) {
     NOTREACHED();
-    return std::wstring();
+    return base::string16();
   }
 
   // Create the buffer that will hold the name.
@@ -117,19 +130,19 @@ std::wstring GetWindowObjectName(HANDLE handle) {
   if (!::GetUserObjectInformation(handle, UOI_NAME, name_buffer.get(), size,
                                   &size)) {
     NOTREACHED();
-    return std::wstring();
+    return base::string16();
   }
 
-  return std::wstring(name_buffer.get());
+  return base::string16(name_buffer.get());
 }
 
-std::wstring GetFullDesktopName(HWINSTA winsta, HDESK desktop) {
+base::string16 GetFullDesktopName(HWINSTA winsta, HDESK desktop) {
   if (!desktop) {
     NOTREACHED();
-    return std::wstring();
+    return base::string16();
   }
 
-  std::wstring name;
+  base::string16 name;
   if (winsta) {
     name = GetWindowObjectName(winsta);
     name += L'\\';