Bug 1165895: Add NPAPI sandbox rule for the crash server pipe and x64 Temp dir write access. r=bbondy

dom/plugins/ipc/PluginProcessParent.cpp

@@ -96,17 +96,17 @@ AddSandboxAllowedFiles(int32_t aSandboxLevel,
 
     // Level 2 and above is now using low integrity, so we need to give write
     // access to the Flash directories.
+    // This should be made Flash specific (Bug 1171396).
     AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR,
                           NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*"));
     AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR,
                           NS_LITERAL_STRING("\\Adobe\\Flash Player\\*"));
 
-#if defined(_X86_)
-    // Write access to the Temp directory should only be needed for 32-bit as
-    // it is used to turn off protected mode, which only applies to x86.
+    // Write access to the Temp directory is used to turn off protected mode
+    // and is needed in some mochitest crash tests.
+    // Bug 1171393 tracks removing this requirement.
     AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_OS_TEMP_DIR,
                           NS_LITERAL_STRING("\\*"));
-#endif
 }
 #endif
 

security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp

@@ -240,6 +240,12 @@ SandboxBroker::SetSecurityLevelForPluginProcess(int32_t aSandboxLevel)
                             L"\\??\\pipe\\chrome.*");
   ret = ret && (sandbox::SBOX_ALL_OK == result);
 
+  // Add the policy for the client side of the crash server pipe.
+  result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
+                            sandbox::TargetPolicy::FILES_ALLOW_ANY,
+                            L"\\??\\pipe\\gecko-crash-server-pipe.*");
+  ret = ret && (sandbox::SBOX_ALL_OK == result);
+
   // The NPAPI process needs to be able to duplicate shared memory to the
   // content process and broker process, which are Section type handles.
   // Content and broker are for e10s and non-e10s cases.