Bug 1377249 - Allow Flash to create Secure Socket connections. r=bobowen, a=jcristau
authorDavid Parks <dparks@mozilla.com>
Tue, 11 Jul 2017 19:26:24 -0700
changeset 414335 a7b3f2eb7ff490e787d35e7c10be53497e4d82f7
parent 414334 ea2563ac86db0b40ff8475c694088e15dbc0fa31
child 414336 b37c3164182342ef630f6ce58631eb5fe490361b
push id1490
push usermtabara@mozilla.com
push dateMon, 31 Jul 2017 14:08:16 +0000
treeherdermozilla-release@70e32e6bf15e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbobowen, jcristau
bugs1377249
milestone55.0
Bug 1377249 - Allow Flash to create Secure Socket connections. r=bobowen, a=jcristau
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -566,16 +566,18 @@ SandboxBroker::SetSecurityLevelForPlugin
     delayedIntegrityLevel = sandbox::INTEGRITY_LEVEL_LOW;
   } else {
     jobLevel = sandbox::JOB_NONE;
     accessTokenLevel = sandbox::USER_NON_ADMIN;
     initialIntegrityLevel = sandbox::INTEGRITY_LEVEL_MEDIUM;
     delayedIntegrityLevel = sandbox::INTEGRITY_LEVEL_MEDIUM;
   }
 
+  mPolicy->SetDoNotUseRestrictingSIDs();
+
   sandbox::ResultCode result = mPolicy->SetJobLevel(jobLevel,
                                                     0 /* ui_exceptions */);
   SANDBOX_ENSURE_SUCCESS(result,
                          "Setting job level failed, have you set memory limit when jobLevel == JOB_NONE?");
 
   result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
                                   accessTokenLevel);
   SANDBOX_ENSURE_SUCCESS(result,