Closed Bug 1381326 Opened 2 years ago Closed 2 years ago

Enable MITIGATION_EXTENSION_POINT_DISABLE feature for Windows content

Categories

(Core :: Security: Process Sandboxing, enhancement)

All
Windows
enhancement
Not set

Tracking

()

RESOLVED FIXED
mozilla56
Tracking Status
firefox56 --- fixed

People

(Reporter: jimm, Assigned: jimm)

References

(Blocks 1 open bug)

Details

(Whiteboard: sb+)

Attachments

(1 file)

The Extension Point Disable policy, if enabled, prevents certain built-in third party extension points from being used. This policy blocks the following extension points:
•AppInit DLLs
•Winsock Layered Service Providers (LSPs)
•Globoal Windows Hooks
•Legacy Input Method Editors (IMEs)

Local hooks still work with the Extension Point Disable policy enabled. This behavior is used to prevent legacy extension points from being loaded into a process that does not use them. 

PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON
Attached patch patchSplinter Review
Attachment #8886868 - Flags: review?(bobowencode)
Attachment #8886868 - Flags: review?(bobowencode) → review+
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7a493733bf3c
Enable MITIGATION_EXTENSION_POINT_DISABLE feature for Windows content. r=bobowen
Keywords: checkin-needed
damnit, I pushed some windows line endings. I'll fix it after this merges.
Blocks: 1381612
No longer blocks: 1381612
(In reply to Jim Mathies [:jimm] from comment #4)
> damnit, I pushed some windows line endings. I'll fix it after this merges.

nm, different patch.
https://hg.mozilla.org/mozilla-central/rev/7a493733bf3c
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla56
Blocks: 1401926
You need to log in before you can comment on or make changes to this bug.