security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
412e3fae6b61570b90f059ab92f81daa4ce00668
created 2017-03-28 08:36 +0100
pushed 2017-06-05 19:31 +0000
Bob Owen Bob Owen - Bug 1344453 - Part 2: Add FILES_ALLOW_READONLY rule to all paths when Windows child process should have full read access. r=jimm, a=lizzard
05c8e1058e9802bd77c34989e7e1abc82c0a36a1
created 2017-03-06 17:42 +0100
pushed 2017-06-05 19:31 +0000
Honza Bambas Honza Bambas - Bug 1320458 - Make logging by sandboxed child processes to a file work on Windows, r=aklotz a=gchang
383f86d1c80372ff18c8aeab88ebd70775f06d3b
created 2017-02-04 23:19 +1300
pushed 2017-06-05 19:31 +0000
Matt Woodrow Matt Woodrow - Bug 1325227 - Part 3: Allow child process to share semaphore handles with the parent/gpu processes. r=bobowen
85c59b19c241b3072441003583daff98655fd933
created 2017-03-28 08:36 +0100
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1344453 - Part 2: Add FILES_ALLOW_READONLY rule to all paths when Windows child process should have full read access. r=jimm, a=lizzard
aa07f3afdc874cb03da55143e112e30595010f6d
created 2017-03-06 17:42 +0100
pushed 2017-04-10 20:44 +0000
Honza Bambas Honza Bambas - Bug 1320458 - Make logging by sandboxed child processes to a file work on Windows, r=aklotz a=gchang
46d3af166fcea535f960e2e3dde5728bea86f14b
created 2017-01-11 23:08 -0500
pushed 2017-04-10 20:44 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out 7 changesets (bug 1325227) to unblock the backout of bug 1323957.
f6c6ef5ac42ca39ff172f21a0f26697fbc3cde71
created 2017-01-12 15:23 +1300
pushed 2017-04-10 20:44 +0000
Matt Woodrow Matt Woodrow - Bug 1325227 - Part 3: Allow child process to share mutex handles with the parent/gpu processes. r=bobowen
9174d825a6ee546db547c7bfc45a223c858f3532
created 2016-12-22 11:11 +0000
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1273372 Part 4: Add AppLocker rules to GMP sandbox policy. r=aklotz
302107a735500f83471a9ab397d63b755714b1f4
created 2016-12-14 14:43 +0000
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1321256: Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm
0637dd270ef14763921d3099b6f6d5780fa702f6
created 2016-11-24 15:08 +0000
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
aed16e234d2ebf3372564600ff8cd5f3c7a83f3c
created 2016-11-23 18:32 +0100
pushed 2017-04-10 20:44 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 11a036eafea2 (bug 1147911)
11a036eafea224ab9ff1fde88f72ab75768be98c
created 2016-11-23 13:36 +0000
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
8c3dbc507117517a3569a4b2448973aacad0ae40
created 2016-11-18 00:58 +0100
pushed 2017-04-10 20:44 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset a5c68edf3788 (bug 1147911)
a5c68edf37887818d25a162d7b8f0bf6d44a73dc
created 2016-11-17 15:48 +0000
pushed 2017-04-10 20:44 +0000
Bob Owen Bob Owen - Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
741296a2d92b93348fe573b2b5884d6421ba4282
created 2016-12-07 21:00 +0000
pushed 2017-02-27 14:59 +0000
Bob Owen Bob Owen - Bug 1273372 Part 4: Add AppLocker rules to GMP sandbox policy. r=aklotz a=lizzard
c1af43b748f1e30cef0b721edd797bd45fcf9613
created 2016-12-14 14:43 +0000
pushed 2017-02-27 14:59 +0000
Bob Owen Bob Owen - Bug 1321256 - Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm, a=jcristau
72904b99af245009c2782293224849932caf90ba
created 2016-09-24 02:54 -0700
pushed 2017-02-27 14:59 +0000
David Parks David Parks - Bug 1269114 - [x86_64] Last picked directory not saved when using Flash Player uploader. r=jimm
4284001e0ba8c1c1d02301f15ca596b55f971d37
created 2016-12-07 21:00 +0000
pushed 2017-01-16 13:07 +0000
Bob Owen Bob Owen - Bug 1273372 Part 4: Add AppLocker rules to GMP sandbox policy. r=aklotz a=lizzard
ad577027930a05fc2862b22306ff454221a4a228
created 2016-12-14 14:43 +0000
pushed 2017-01-16 13:07 +0000
Bob Owen Bob Owen - Bug 1321256 - Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm, a=gchang
3085c105782f553fe7314bad96e12bfe092cf0ce
created 2016-09-12 11:11 +0100
pushed 2017-01-16 13:07 +0000
Bob Owen Bob Owen - Bug 1301034: Log when non-static file policy AddRule calls fail in Windows SandboxBroker. r=jimm
4ed590c96a36c34c0118788000f1a4a37763c5a9
created 2016-07-20 14:41 +0100
pushed 2016-10-31 18:13 +0000
Bob Owen Bob Owen - Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
15d68ab35c708d7b9215e34dd23152b381749c41
created 2016-06-06 15:13 +0200
pushed 2016-10-31 18:13 +0000
Gabor Krizsanits Gabor Krizsanits - Bug 1146873 - Handling sandbox policy setup failures. r=bobowen
035a7be9628ac2a47a527854dce55c7f02e69c6a
created 2016-05-25 09:06 +0100
pushed 2016-09-05 20:01 +0000
Bob Owen Bob Owen - Bug 1250125: Make a 0 security.sandbox.content.level turn off the content process sandbox. r=TimAbraldes
a416c55e664816080084ad68453a5c212f1d00a0
created 2016-05-15 16:41 +0100
pushed 2016-09-05 20:01 +0000
Bob Owen Bob Owen - Bug 1035125 Part 9: Link Chromium sandbox into firefox.exe instead of having a separate DLL. r=aklotz,glandium
9da40ac362b7294eff57bd8fb4caa38e8cc7c8a0
created 2016-04-12 16:12 +1200
pushed 2016-07-25 16:35 +0000
Chris Pearce Chris Pearce - Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen
65d070edff8bf23b4e4cb975bbdc24b61e301f7a
created 2016-04-07 08:28 +0100
pushed 2016-07-25 16:35 +0000
Bob Owen Bob Owen - Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz
f2582471724f12b2eadde1288474b7574605dba1
created 2016-03-23 08:10 +0000
pushed 2016-07-25 16:35 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
03df45996f1f5304dba1474bbfd9df61900a8db3
created 2016-03-22 09:54 +0100
pushed 2016-07-25 16:35 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 0fedfd441a06 (bug 1256992) for gtest failures
0fedfd441a069e78ec363115d94b7da4c4547346
created 2016-03-22 07:40 +0000
pushed 2016-07-25 16:35 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
0da1c375b5117d5113293f43a2fbaa4efbc7b722
created 2016-04-12 16:12 +1200
pushed 2016-06-01 01:31 +0000
Chris Pearce Chris Pearce - Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen,a=ritu
0b38f4474a28f269761d16ec80fec219db3697e3
created 2016-04-07 08:28 +0100
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz, a=ritu
f9b9691fee9edfe9ce6bc02345d80465079de9e3
created 2016-04-13 15:37 +0100
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley, a=ritu
08693317e6581716cc6a8c3d95ed7ff6e16d2886
created 2016-04-13 16:23 +0200
pushed 2016-06-01 01:31 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 6bba1d23fd2c (bug 1256992) for problems in conflict resolution
4263e98ca9d90f69e1bbe560823cca6075b9cf48
created 2016-04-13 16:23 +0200
pushed 2016-06-01 01:31 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 727c6549ed88 (bug 1256992)
727c6549ed889477f1b2ecfbf51b1b81ad004dfd
created 2016-04-07 08:28 +0100
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz, a=ritu
6bba1d23fd2ca665cff262aa60c752c6ea52dbbb
created 2016-03-23 08:10 +0000
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley, a=ritu
b0b8d69d265bd7700c684fce54eccf7cddde403f
created 2016-03-28 10:51 -0700
pushed 2016-06-01 01:31 +0000
Wes Kocher Wes Kocher - Backed out changeset 30de9ac21a78 (bug 1256992) for causing crashes a=backout
30de9ac21a783228a1bb6b3d5920050824cbc58f
created 2016-03-23 08:10 +0000
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley, a=lizzard
92029305820c163ad08e1cbb5e8783f96d8c49b9
created 2016-02-09 08:31 +0000
pushed 2016-06-01 01:31 +0000
Bob Owen Bob Owen - Bug 1219369: In Windows debug builds allow write access to TEMP for logging purposes. r=tabraldes
76151cdd95ab82d32f6fc1e24275d30131d60d35
created 2016-04-07 08:28 +0100
pushed 2016-04-15 21:02 +0000
Bob Owen Bob Owen - Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz a=lizzard
f6be6339c20d971aadb31326a40a785d7d76aa94
created 2016-03-23 20:50 +0000
pushed 2016-04-15 21:02 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz a=lizzard
3ec9d490c3a1fc6ce22308750857b74506995723
created 2016-03-28 11:13 -0700
pushed 2016-04-15 21:02 +0000
Wes Kocher Wes Kocher - Backed out changeset 98ffa7015335 (bug 1256992) for causing crashes a=backout
98ffa7015335f1ca09dbe6044b583be5f216fa59
created 2016-03-23 20:50 +0000
pushed 2016-04-15 21:02 +0000
Bob Owen Bob Owen - Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, a=lizzard
8481c9619cc4d4098b7acdd3f77f7d1f8d3174c1
created 2015-10-21 08:46 +0100
pushed 2016-01-18 19:06 +0000
Bob Owen Bob Owen - Bug 1187031: Move back to using USER_LOCKDOWN for the GMP sandbox policy on Windows. r=aklotz
56e6914c51a78ed06d3f949127ccf20df08665a6
created 2015-10-05 11:10 +0100
pushed 2016-01-18 19:06 +0000
Bob Owen Bob Owen - Bug 1207972: Move to using USER_INTERACTIVE and JOB_INTERACTIVE by default for the Windows content sandbox. r=tabraldes
63d9b41521e90bb8cef3c2f86c05a274436d9384
created 2015-09-09 08:45 +0100
pushed 2015-12-04 23:28 +0000
Bob Owen Bob Owen - Bug 1197943: Turn off MITIGATION_STRICT_HANDLE_CHECKS for NPAPI process sandbox for causing hangs. r=aklotz
d56cd50e14618db3dac3a35d81003ec49eb6239e
created 2015-09-08 11:18 +0100
pushed 2015-12-04 23:28 +0000
Bob Owen Bob Owen - Bug 1201438: Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy
d3fb09ff0a1af3a319eb5aa650fdd9ecd045b22c
created 2015-09-08 11:18 +0100
pushed 2015-10-26 12:58 +0000
Bob Owen Bob Owen - Bug 1201438 - Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy, a=sledru
7e65fa0cf0c937d54ad6cbe7d4cae42a95a3d950
created 2015-09-09 08:45 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1197943: Turn off MITIGATION_STRICT_HANDLE_CHECKS for NPAPI process sandbox for causing hangs. r=aklotz a=ritu
5fb9272062b9c3819f0d167e93fe20bca0e20b1c
created 2015-06-26 14:19 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1177594: Use a USER_RESTRICTED token level on GMP process when integrity levels are available. r=cpearce
8e1bc0ef35d2a4fa67d13784bbe76fbed5de7ab7
created 2015-06-19 23:35 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1172388: Use a USER_RESTRICTED access level token on Windows 10. r=cpearce
b812439bc1ff0127a3225360d2615dbb97a70344
created 2015-06-18 12:01 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1165895: Add NPAPI sandbox rule for the crash server pipe and x64 Temp dir write access. r=bbondy
3b9e3c02a8e440a82d7e2429a434790fd8da00c8
created 2015-06-03 09:13 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1166669: Enable process-level mitigations for the Windows content process sandbox. r=tabraldes
3998f5aab3a45cfa6f0cb5544d417377b9e69509
created 2015-05-22 17:05 +0100
pushed 2015-09-14 18:56 +0000
Bob Owen Bob Owen - Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg
c9af6025b8bc7f76d135dd82ac3ff065d59e7e05
created 2015-06-26 14:19 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1177594: Use a USER_RESTRICTED token level on GMP process when integrity levels are available. r=cpearce,a=ritu
5ccffdf8e88111a6babb65e02da5bb3b6af2010b
created 2015-06-19 23:35 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1172388: Use a USER_RESTRICTED access level token on Windows 10. r=cpearce a=lizzard
cbf89fb08ec7e3137d3347e1b809ace99a041897
created 2015-05-11 08:24 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1146874 - Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes, a=lizzard
486f83a6cde410814b827709de8efaf8fa1394c8
created 2015-05-06 10:11 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes
6f8e9bf837671efce570a6dabc2b06cec3c0be8e
created 2015-04-05 14:01 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm
aee0f61516c53778dba9c97c6cbd5c35750902e3
created 2015-04-01 09:40 +0100
pushed 2015-08-03 13:22 +0000
Bob Owen Bob Owen - Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce
less more (0) -60 tip