author | Bob Owen <bobowencode@gmail.com> |
Sat, 29 Nov 2014 17:12:18 +0000 | |
changeset 218115 | f76fa8396ca825cca0b0a49bc6d0c30ba5b0bb86 |
parent 218114 | 0f763c186855905fdd78cc4a0f18cbef9c3c5e04 |
child 218116 | ba93c0eb3cf7061f259bfd4eb420ff81b1350cac |
push id | 27914 |
push user | philringnalda@gmail.com |
push date | Sun, 30 Nov 2014 16:31:04 +0000 |
treeherder | mozilla-central@74861ffc991f [default view] [failures only] |
perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
reviewers | tabraldes |
bugs | 1094667 |
milestone | 37.0a1 |
first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp | file | annotate | diff | comparison | revisions |
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp +++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp @@ -92,17 +92,17 @@ SandboxBroker::SetSecurityLevelForConten result = mPolicy->SetAlternateDesktop(true); ret = ret && (sandbox::SBOX_ALL_OK == result); } else { result = mPolicy->SetJobLevel(sandbox::JOB_NONE, 0); bool ret = (sandbox::SBOX_ALL_OK == result); result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, - sandbox::USER_RESTRICTED_SAME_ACCESS); + sandbox::USER_NON_ADMIN); ret = ret && (sandbox::SBOX_ALL_OK == result); result = mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_MEDIUM); ret = ret && (sandbox::SBOX_ALL_OK == result); } // Add the policy for the client side of a pipe. It is just a file // in the \pipe\ namespace. We restrict it to pipes that start with