Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1534)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/sandbox_win.cc

Issue 318603003: Sandbox policy and intercepts for the MITIGATION_WIN32K_DISABLE policy for renderer processes. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixed comment Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | sandbox/win/sandbox_win.gypi » ('j') | sandbox/win/sandbox_win.gypi » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_win.cc
diff --git a/content/common/sandbox_win.cc b/content/common/sandbox_win.cc
index 355305e33c2434c4b0679e92a59859701a0d9143..7e4caf9dde9fe883e8dc40da84bdc88fdaefd0be 100644
--- a/content/common/sandbox_win.cc
+++ b/content/common/sandbox_win.cc
@@ -334,6 +334,13 @@ bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
AddGenericDllEvictionPolicy(policy);
+ if (base::win::GetVersion() >= base::win::VERSION_WIN8) {
+ result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN,
jschuh 2014/06/06 03:23:36 Just remove this section. You're already setting t
ananta 2014/06/06 23:57:34 Leaving this as is as this is needed for the polic
+ sandbox::TargetPolicy::LOCKDOWN_WIN32K,
+ L"Lockdown_Win32K");
+ if (result != sandbox::SBOX_ALL_OK)
+ return false;
+ }
return true;
}
« no previous file with comments | « no previous file | sandbox/win/sandbox_win.gypi » ('j') | sandbox/win/sandbox_win.gypi » ('J')

Powered by Google App Engine
This is Rietveld 408576698