Changes

Jump to: navigation, search

Security/Sandbox

864 bytes added, 17:00, 26 August 2020
Windows: updated policy settings added RDD
{| class="wikitable"
|-
! Sandbox Feature !! Level 5 !! Level 6(default)
|-
| Job Level || JOB_LOCKDOWN || JOB_LOCKDOWN
[http://mxr.mozilla.org/mozilla-central/source/security/sandbox/chromium/sandbox/win/src/security_level.h Windows Feature Header]
=== Gecko Media Plugin (GMP) ===
{| class="wikitable"
MITIGATION_HEAP_TERMINATE<br>
MITIGATION_SEHOP<br>
MITIGATION_EXTENSION_POINT_DISABLE<br>
MITIGATION_DEP_NO_ATL_THUNK<br>
MITIGATION_DEP<br>Locked Down Default DACL
|-
| Delayed Mitigations
[1] depends on the media plugin
 
=== Remote Data Decoder (RDD) ===
 
{| class="wikitable"
|-
! Sandbox Feature !! Level
|-
| Job Level || JOB_LOCKDOWN
|-
| Access Token Level || USER_LOCKDOWN
|-
| Initial Integrity Level || INTEGRITY_LEVEL_LOW
|-
| Delayed Integrity Level || INTEGRITY_LEVEL_UNTRUSTED
|-
| Alternate desktop || yes
|-
| Mitigations
||
MITIGATION_BOTTOM_UP_ASLR<br>
MITIGATION_HEAP_TERMINATE<br>
MITIGATION_SEHOP<br>
MITIGATION_EXTENSION_POINT_DISABLE<br>
MITIGATION_DEP_NO_ATL_THUNK<br>
MITIGATION_DEP<br>
MITIGATION_IMAGE_LOAD_PREFER_SYS32<br>
MITIGATION_WIN32K_DISABLE<br>
Locked Down Default DACL
|-
| Delayed Mitigations
||
MITIGATION_STRICT_HANDLE_CHECKS<br>
MITIGATION_DYNAMIC_CODE_DISABLE<br>
MITIGATION_DLL_SEARCH_ORDER<br>
MITIGATION_FORCE_MS_SIGNED_BINS
|}
=== 64-bit Plugin ===
MITIGATION_SEHOP<br>
MITIGATION_DEP_NO_ATL_THUNK<br>
MITIGATION_DEP<br>Locked Down Default DACL
|-
| Delayed Mitigations
Bobowen
281
edits
Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1230382"

Navigation menu