wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz

Browse Source
This commit is contained in:
Bob Owen 2014-04-08 16:25:18 +01:00
parent 5341260c56
commit 6fdbe1f12a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
View File

@ -47,13 +47,13 @@ SandboxBroker::LaunchApp(const wchar_t *aPath,
}
// Setup the sandbox policy, this is initially:
// Medium integrity, unrestricted, in the same window station, within the
// Low integrity, unrestricted, in the same window station, within the
// same desktop, and has no job object.
// We'll start to increase the restrictions over time.
mPolicy->SetJobLevel(sandbox::JOB_NONE, 0);
mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
sandbox::USER_RESTRICTED_SAME_ACCESS);
mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_UNTRUSTED);
mPolicy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
// Set an alternate Desktop within a new window station
mPolicy->SetAlternateDesktop(false);