| author | Bob Owen <bobowencode@gmail.com> |
| Sat, 29 Nov 2014 17:12:18 +0000 | |
| changeset 218115 | f76fa8396ca825cca0b0a49bc6d0c30ba5b0bb86 |
| parent 218114 | 0f763c186855905fdd78cc4a0f18cbef9c3c5e04 |
| child 218116 | ba93c0eb3cf7061f259bfd4eb420ff81b1350cac |
| push id | 27914 |
| push user | philringnalda@gmail.com |
| push date | Sun, 30 Nov 2014 16:31:04 +0000 |
| treeherder | mozilla-central@74861ffc991f [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | tabraldes |
| bugs | 1094667 |
| milestone | 37.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp | file | annotate | diff | comparison | revisions |
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp +++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp @@ -92,17 +92,17 @@ SandboxBroker::SetSecurityLevelForConten result = mPolicy->SetAlternateDesktop(true); ret = ret && (sandbox::SBOX_ALL_OK == result); } else { result = mPolicy->SetJobLevel(sandbox::JOB_NONE, 0); bool ret = (sandbox::SBOX_ALL_OK == result); result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, - sandbox::USER_RESTRICTED_SAME_ACCESS); + sandbox::USER_NON_ADMIN); ret = ret && (sandbox::SBOX_ALL_OK == result); result = mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_MEDIUM); ret = ret && (sandbox::SBOX_ALL_OK == result); } // Add the policy for the client side of a pipe. It is just a file // in the \pipe\ namespace. We restrict it to pipes that start with