| Index: sandbox/win/src/sandbox_policy.h
|
| diff --git a/sandbox/win/src/sandbox_policy.h b/sandbox/win/src/sandbox_policy.h
|
| index 22a2049c2d109d9770ef337829d63f99f6c958b5..6f096fba25745d46301676dd011862c9d30f2160 100644
|
| --- a/sandbox/win/src/sandbox_policy.h
|
| +++ b/sandbox/win/src/sandbox_policy.h
|
| @@ -183,6 +183,10 @@ class TargetPolicy {
|
| // Sets a capability to be enabled for the sandboxed process' AppContainer.
|
| virtual ResultCode SetCapability(const wchar_t* sid) = 0;
|
|
|
| + // Sets the LowBox token for sandboxed process. This is mutually exclusive
|
| + // with SetAppContainer method.
|
| + virtual ResultCode SetLowBox(const wchar_t* sid) = 0;
|
| +
|
| // Sets the mitigations enabled when the process is created. Most of these
|
| // are implemented as attributes passed via STARTUPINFOEX. So they take
|
| // effect before any thread in the target executes. The declaration of
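Review bot: The comment on `SetLowBox` says it is mutually exclusive with `SetAppContainer`, but it does not say what a caller gets back when both are used, or what form `sid` must take. This is a sandbox configuration call, so a caller that drops the ResultCode could believe a LowBox token is in effect when the policy rejected it. I would spell the contract out, adjusted to the real behaviour, along the lines of `// |sid| is the string form of the package SID. Returns an error and leaves the` `// policy unchanged if SetAppContainer was already called or |sid| is invalid.` LowBox tokens also depend on OS support, so the comment should state what the method returns on a Windows version that lacks them. Whether the exclusivity and SID validation are enforced is not visible in this header, and the TargetPolicy class begins and ends outside the hunk, so that needs checking in the implementing class.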
|
|
|