Bug 1417959 - Bump Alternate Desktop to Level 5 and make that the Default on Nightly. r=jimm, a=gchang
authorBob Owen <bobowencode@gmail.com>
Thu, 16 Nov 2017 18:10:00 +0000
changeset 444806 df6d0aff01790273b36dae1cf0835e5d4d168eac
parent 444805 259b10e2934fd7043af8c575a013980e609bfe42
child 444807 59d1822ef42e424b36850209345b678926f994e6
push id1618
push userCallek@gmail.com
push dateThu, 11 Jan 2018 17:45:48 +0000
reviewersjimm, gchang
bugs1417959
milestone58.0
Bug 1417959 - Bump Alternate Desktop to Level 5 and make that the Default on Nightly. r=jimm, a=gchang
browser/app/profile/firefox.js
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1041,17 +1041,21 @@ pref("dom.ipc.plugins.sandbox-level.flas
 #endif
 
 #if defined(MOZ_CONTENT_SANDBOX)
 // This controls the strength of the Windows content process sandbox for testing
 // purposes. This will require a restart.
 // On windows these levels are:
 // See - security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
 // SetSecurityLevelForContentProcess() for what the different settings mean.
+#if defined(NIGHTLY_BUILD)
+pref("security.sandbox.content.level", 5);
+#else
 pref("security.sandbox.content.level", 4);
+#endif
 
 // This controls the depth of stack trace that is logged when Windows sandbox
 // logging is turned on.  This is only currently available for the content
 // process because the only other sandbox (for GMP) has too strict a policy to
 // allow stack tracing.  This does not require a restart to take effect.
 pref("security.sandbox.windows.log.stackTraceDepth", 0);
 #endif
 
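Review bot: The new `#if defined(NIGHTLY_BUILD)` split around `security.sandbox.content.level` has no comment saying why Nightly gets a different default or what level 5 adds over level 4. Going by the commit title, a line above the `#if` such as `// Level 5 adds the alternate desktop; default on Nightly only for now.` would record that. The existing comment ("On windows these levels are:") lists no levels and only defers to sandboxBroker.cpp, so a reader of this file cannot tell that the two channels now differ in desktop isolation.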
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -471,21 +471,23 @@ SandboxBroker::SetSecurityLevelForConten
   sandbox::MitigationFlags mitigations =
     sandbox::MITIGATION_BOTTOM_UP_ASLR |
     sandbox::MITIGATION_HEAP_TERMINATE |
     sandbox::MITIGATION_SEHOP |
     sandbox::MITIGATION_DEP_NO_ATL_THUNK |
     sandbox::MITIGATION_DEP |
     sandbox::MITIGATION_EXTENSION_POINT_DISABLE;
 
-  if (aSandboxLevel > 3) {
+  if (aSandboxLevel > 4) {
     result = mPolicy->SetAlternateDesktop(false);
     MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                        "Failed to create alternate desktop for sandbox.");
+  }
 
+  if (aSandboxLevel > 3) {
     mitigations |= sandbox::MITIGATION_IMAGE_LOAD_NO_LOW_LABEL;
     // If we're running from a network drive then we can't block loading from
     // remote locations.
     if (!sRunningFromNetworkDrive) {
       mitigations |= sandbox::MITIGATION_IMAGE_LOAD_NO_REMOTE;
     }
   }
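Review bot: Moving the first check to `aSandboxLevel > 4` means a build running at level 4 no longer calls `mPolicy->SetAlternateDesktop(false)`. Per the firefox.js hunk, level 4 is still the default everywhere except Nightly, so those content processes lose the alternate desktop they had before this change. Nothing in the code records that reduction; a comment above the new `if` would help, e.g. `// Level 5+: alternate desktop. Level 4 keeps only the image-load mitigations below.` Separately, `MOZ_RELEASE_ASSERT` on the result now sits on the default Nightly path, so a failure to create the desktop crashes rather than launching with a weaker policy. That is presumably the intended fail-closed behaviour, but worth confirming. The function body starts before and continues after this hunk.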