Closed Bug 928055 Opened 11 years ago Closed 10 years ago

Enable windows station sandboxing in windows sandbox policy for content processes

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
x86_64
Windows NT
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla33

People

(Reporter: bbondy, Assigned: TimAbraldes)

References

Details

Attachments

(3 obsolete files) 

This bug is to enable windows station sandboxing, but not using its own desktop.  It's trivial to do both at the same time, but I'd like to do it in steps in case something breaks.
Product: Calendar → Core
Comment 0 is a bit wrong, it should read:
This bug is to enable windows station sandboxing, *while also having its own desktop*.  It's trivial to do both at the same time, but I'd like to do it in steps in case something breaks.
Attached patch Patch v1. (obsolete) (deleted) — Splinter Review 
This will land a few days after landing the separate desktop patch and the type of thing it can break is clipboard, input, UI, and more resources affected by the window station boundary.

There is no known fallout or this policy change.
Attachment #821275 - Flags: review?(aklotz)
Attachment #821275 - Flags: review?(aklotz) → review+
Attached patch Patch v1' (obsolete) (deleted) — Splinter Review 
Rebase, same code, carrying forward r+.
Attachment #821275 - Attachment is obsolete: true
Attachment #822756 - Flags: review+
Attached patch Patch v1'' (obsolete) (deleted) — Splinter Review 

        Attachment #822756 -
        Attachment is obsolete: true

        Attachment #822760 -
        Flags: review+

    
    

    
  
This can land whenever but there is no rush.
Assignee: netzen → nobody

    
    

    
  
This patch will look slightly different when bug 1007971 lands, but will still be a 1-liner. It probably makes sense to just update the patch in bug 1007971 to include this change.
Assignee: nobody → tabraldes
Status: NEW → ASSIGNED
Depends on: 1007971
Summary: Enable windows station sandboxing in windows sandbox policy → Enable windows station sandboxing in windows sandbox policy for content processes

        Attachment #822760 -
        Attachment is obsolete: true

    
    

    
  
This landed as part of bug 985252

See https://mxr.mozilla.org/mozilla-central/source/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp?rev=fbd06fa70b84#63
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Depends on: 985252
Target Milestone: --- → mozilla33

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: