Closed Bug 1151767 Opened 5 years ago Closed 5 years ago

Change the default Windows content sandbox to low integrity.

Categories

(Core :: Security: Process Sandboxing, defect)

All
Windows 7
defect
Not set

Tracking

()

RESOLVED FIXED
mozilla40
Tracking Status
firefox40 --- fixed

People

(Reporter: bobowen, Assigned: bobowen)

References

(Depends on 1 open bug)

Details

Attachments

(1 file)

Bug 1149483 made the level 1 content sandbox on Windows a low integrity sandbox.

This bug is to move this policy to the default content sandbox (level 0).

The level 1 settings will be changed back to a slightly stronger policy, which is the next goal.
Depends on: 1151785
No longer blocks: 1151941
Blocks: 1105816
Depends on: 1156742
No longer depends on: 1151785
As the WinXP webgl problem turned out to be a red herring (as far as low integrity is concerned), I think we can land this on Nightly now.

I'll post to dev-platform stating this as I land it and explain how you can go back to level 0 to test if this is causing a particular regression.

Try push to make sure no tests that pass with e10s have regressed:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=0cca47651707
Attachment #8597929 - Flags: review?(blassey.bugs)
Attachment #8597929 - Flags: review?(blassey.bugs) → review+
I thought there were a load of new regressions in that try push, but when I compare it to an e10s only push, all the failures match up:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=3bbb776f1459
https://hg.mozilla.org/mozilla-central/rev/72e664840cf4
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla40
Depends on: 1162327
Depends on: 1171796
Depends on: 1173371
Depends on: 1189846
Depends on: 1220341
No longer depends on: 1220341
Depends on: 1235283
Depends on: 1246505
Depends on: 1166637
Depends on: 1247959
You need to log in before you can comment on or make changes to this bug.