security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
90ea1221493283adec6653cf9de0ceef87f47925
created 2015-06-19 23:35 +0100
pushed 2015-06-21 20:45 +0000
Bob Owen Bob Owen - Bug 1172388 - Use a USER_RESTRICTED access level token on Windows 10. r=cpearce, a=lizzard
6f78a86e9179b7f5c72af37b8fd33b582bbf68e5
created 2015-05-11 08:24 +0100
pushed 2015-06-19 19:24 +0000
Bob Owen Bob Owen - Bug 1146874 - Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes, a=lizzard
1c6d4f4dc12fdeb82326ddf07fdaa903db29d428
created 2015-03-20 07:53 +0000
pushed 2015-06-19 19:24 +0000
Bob Owen Bob Owen - Bug 1145432: Add the policy for the client side of the crash server pipe to the GMP Windows sandbox. r=aklotz
972321ec7bcd88d0a597622d5c3bcb8bc6fc9e3e
created 2015-03-10 08:03 +0000
pushed 2015-06-19 19:24 +0000
Bob Owen Bob Owen - Bug 1137166: Change the Content moreStrict sandbox pref to an integer to indicate the level of sandboxing. r=tabraldes
d885f561788f38c68c0a9e03d91b43c282430147
created 2015-03-20 07:53 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1145432 - Add the policy for the client side of the crash server pipe to the GMP Windows sandbox. r=aklotz, a=sledru
44d8619d58b8844e5d8ca0d9e00ad4284cb631f7
created 2015-02-11 16:25 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy
f83176aaffe9e076c21d6617ae6ff47e165bf3b0
created 2015-02-10 09:06 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1129369 Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes
6cb61619e34f9a3e6ff0c2c253d18e19d910c1b6
created 2015-02-10 09:06 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1129369 Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes
bd213a5766714a5b6c93bf7a31fbf2bf000d4411
created 2015-02-10 09:06 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1129369 Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes
9c95e28087ca0f3c355e0ebab92d11b1be9fba10
created 2015-01-30 17:48 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg
ea243bbbb45cbe9fc30c73df7917a6547cc0aa83
created 2015-01-29 08:13 +0000
pushed 2015-04-21 23:03 +0000
Bob Owen Bob Owen - Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy
8fd533be98aaa019aa11fc125276be2ed96dbb10
created 2015-02-10 09:06 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1129369 - Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel
fa0645acfc447a77ac1037f20a38d19aabe8e770
created 2015-02-10 09:06 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1129369 - Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel
56d34ca3b98357150e6bb664e8c7613bdeefb025
created 2015-02-10 09:06 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1129369 - Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel
941a8c8385ebb69c92b1a2c4f2c355a04e99a7e1
created 2015-01-26 10:14 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1094370 - Use the USER_LOCKDOWN access token for GMP processes. r=aklotz, a=lmandel
f79836f9957ea6066370fedc8601c17ed916b81f
created 2015-01-26 08:00 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1123245 Part 2: Use the USER_NON_ADMIN access token level for Windows NPAPI processes. r=tabraldes, a=sledru
20dbbb1fd98a238e51b7ea4e0400914867e0a50b
created 2015-01-26 08:00 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes, a=sledru
7b6674e5a437cd681ffba5013108ef497ad8d75e
created 2015-01-21 07:59 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1121479 - Part 4: Turn on DLL_SEARCH_ORDER process-level mitigation for the GMP sandbox. r=tabraldes, a=sledru
004776aa9aa52478f842128c0a8e2c36c2b48ed3
created 2015-01-21 07:59 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1121479 - Part 3: Turn on HEAP_TERMINATE process-level mitigation for the GMP sandbox. r=tabraldes, a=sledru
cf64f625cd033006eb58427076a41726bcd22a78
created 2015-01-21 07:59 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1121479 - Part 2: Turn on SEHOP process-level mitigation for the GMP sandbox. r=tabraldes, a=sledru
06da1141e8176035b45bd0a09214e597108107ee
created 2015-01-21 07:59 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1121479 - Part 1: Turn on DEP process-level mitigation for the GMP sandbox. r=tabraldes, a=sledru
757184e87736e7e6f80a2c50d58df05b6fcc9877
created 2015-01-05 15:54 -0800
pushed 2015-03-23 22:08 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1117611 - Fix shadowed variable in SandboxBroker::SetSecurityLevelForContentProcess(). r=bobowen.
f76fa8396ca825cca0b0a49bc6d0c30ba5b0bb86
created 2014-11-29 17:12 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 1094667: Use the USER_NON_ADMIN access token by default for the Windows content sandbox. r=tabraldes
69c15302979af35dc18095ec18fbf576545a06a9
created 2014-11-29 17:12 +0000
pushed 2015-03-23 22:08 +0000
Bob Owen Bob Owen - Bug 928044 Part 2: Enable the content sandbox by default on Windows with an open policy. r=tabraldes,glandium,jimm
f7b5148c84a143f73bb0ed8fc31460a04d5f8cbe
created 2015-01-26 11:44 +0000
pushed 2015-02-18 20:30 +0000
Bob Owen Bob Owen - Bug 1123245 Part 2: Use the USER_NON_ADMIN access token level for Windows NPAPI processes. r=tabraldes, a=sledru
2ab5add9571715b6833a7139d94cca0b1291d2c0
created 2015-01-26 11:44 +0000
pushed 2015-02-18 20:30 +0000
Bob Owen Bob Owen - Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes, a=sledru
134dbb88ff8845e467a6a5f381938675921c2912
created 2014-11-27 08:44 +0000
pushed 2015-02-18 20:30 +0000
Bob Owen Bob Owen - Bug 1027902: Use an intial integrity level of low for the GMP sandbox on Windows. r=tabraldes
b1280bbd4a0317146fdf18833374305b53e5f946
created 2014-09-16 15:44 +0100
pushed 2015-01-05 23:23 +0000
Bob Owen Bob Owen - Bug 1068000 - Add client side chrome.* pipe rule for Windows content sandbox. r=tabraldes
db0bf3d919b0aaed97c4332fdee5089ad9549fc8
created 2014-09-10 12:36 +0100
pushed 2015-01-05 23:23 +0000
Bob Owen Bob Owen - Bug 1018988 - Set up a low integrity temp directory when using the Windows content sandbox. r=mrbkap r=tabraldes r=froydnj
7be34c88c9ac2ae5759bfa4cd707d96edfe90200
created 2014-06-11 15:32 +0100
pushed 2015-01-05 23:23 +0000
Bob Owen Bob Owen - Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
3c6780d80e95127f0f56b9c8e1fe41aae64dc2f4
created 2014-09-04 15:14 +0200
pushed 2015-01-05 23:23 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage
5adabc2818b2348ac33c13ada04e747934f132b4
created 2014-06-11 15:32 +0100
pushed 2015-01-05 23:23 +0000
Bob Owen Bob Owen - Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
0af2575571f3d809eb5f1d5064af5f543731dfb9
created 2014-08-29 17:34 -0700
pushed 2014-10-06 12:51 +0000
Tim Abraldes Tim Abraldes - Bug 1027906 - Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup, r=bent, a=lmandel
fbd06fa70b84eae689346767aed8e7ff43afb241
created 2014-07-16 16:01 -0700
pushed 2014-10-06 12:51 +0000
Tim Abraldes Tim Abraldes - bug 985252. Build sandbox code regardless of whether --enable-content-sandbox/MOZ_CONTENT_SANDBOX is provided. Enable sandboxing of GMP plugins. Enable `SandboxBroker` to set different security policies for different process types. r=bbondy, r=cpearce, r=bent
75ae09718c5cec74f898ec91720ffbd45d648fe2
created 2014-05-14 16:09 +0100
pushed 2014-08-25 18:42 +0000
Bob Owen Bob Owen - Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz
af5b63ae25d6ef00364e02686f77fac7223f7bc3
created 2014-04-08 16:25 +0100
pushed 2014-07-14 18:39 +0000
Bob Owen Bob Owen - Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz
25168278f39a33195212bce25cb1b1f93ec7cb82
created 2014-02-20 12:58 -0500
pushed 2014-06-02 21:01 +0000
Brian R. Bondy Brian R. Bondy - Bug 974979 - Browser crashes after trying to restart a crashed e10s process. r=aklotz
3da0c8a851f80a3d3433498cb80610a66003650d
created 2014-02-20 12:37 -0500
pushed 2014-06-02 21:01 +0000
Brian R. Bondy Brian R. Bondy - Bug 928061 - Enable separate Desktop in Windows sandbox policy. r=aklotz
20152316a6087d037828d35807339584f582d39e
created 2014-02-14 11:07 -0500
pushed 2014-06-02 21:01 +0000
Brian R. Bondy Brian R. Bondy - Bug 969559 - Set delayed restricted integrity in child process to block off pipe and file access after LowerToken call. r=aklotz
979b83683ca7a9d21997a154b1dfe65b2d7ebad1
created 2013-11-05 13:07 -0500
pushed 2014-03-10 22:05 +0000
Brian R. Bondy Brian R. Bondy - Bug 935042 - Allow more than one process to be sandboxed from a single sandboxbroker. r=aklotz
f997b62e129056b859eee14ac9bc2585bfa4b93f
created 2013-10-30 16:58 -0700
pushed 2014-03-10 22:05 +0000
Brian R. Bondy Brian R. Bondy - Bug 925571 - Initial Windows content process sandbox broker code. r=aklotz
less more (0) tip