Bug 1321256: Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm
authorBob Owen <bobowencode@gmail.com>
Wed, 14 Dec 2016 14:43:06 +0000
changeset 325886 302107a735500f83471a9ab397d63b755714b1f4
parent 325885 80b23ce5f23f3d1a45618a92d7e369e26964b651
child 325887 3f6036fb9dca03914f3c6466e34d70d231487108
push id31078
push userkwierso@gmail.com
push dateThu, 15 Dec 2016 00:06:52 +0000
treeherdermozilla-central@b1ab720c6d3e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1321256
milestone53.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1321256: Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -138,18 +138,24 @@ SandboxBroker::SetSecurityLevelForConten
     }
   }
 
   sandbox::ResultCode result = mPolicy->SetJobLevel(jobLevel,
                                                     0 /* ui_exceptions */);
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "Setting job level failed, have you set memory limit when jobLevel == JOB_NONE?");
 
-  result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
-                                  accessTokenLevel);
+  // If the delayed access token is not restricted we don't want the initial one
+  // to be either, because it can interfere with running from a network drive.
+  sandbox::TokenLevel initialAccessTokenLevel =
+    (accessTokenLevel == sandbox::USER_UNPROTECTED ||
+     accessTokenLevel == sandbox::USER_NON_ADMIN)
+    ? sandbox::USER_UNPROTECTED : sandbox::USER_RESTRICTED_SAME_ACCESS;
+
+  result = mPolicy->SetTokenLevel(initialAccessTokenLevel, accessTokenLevel);
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "Lockdown level cannot be USER_UNPROTECTED or USER_LAST if initial level was USER_RESTRICTED_SAME_ACCESS");
 
   result = mPolicy->SetIntegrityLevel(initialIntegrityLevel);
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "SetIntegrityLevel should never fail, what happened?");
   result = mPolicy->SetDelayedIntegrityLevel(delayedIntegrityLevel);
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,