Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 02:14:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1121479 Part 4: Turn on DLL_SEARCH_ORDER process-level mitigation for the GMP sandbox. r=tabraldes

Browse Source
This commit is contained in:
Bob Owen 2015-01-21 07:59:56 +00:00
parent 86b8e2d513
commit 8c9dd30f1f
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
View File

@ -179,6 +179,12 @@ SandboxBroker::SetSecurityLevelForGMPlugin()
result = mPolicy->SetProcessMitigations(mitigations);
ret = ret && (sandbox::SBOX_ALL_OK == result);
mitigations =
sandbox::MITIGATION_DLL_SEARCH_ORDER;
result = mPolicy->SetDelayedProcessMitigations(mitigations);
ret = ret && (sandbox::SBOX_ALL_OK == result);
// Add the policy for the client side of a pipe. It is just a file
// in the \pipe\ namespace. We restrict it to pipes that start with
// "chrome." so the sandboxed process cannot connect to system services.