Revert "Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds."
This reverts commit 58443848de
(just the policy setting on browser process).
Reason for revert: breaks some third party CAPI providers.
BUG=880835
Original change's description:
> Strengthen MITIGATION_DLL_SEARCH_ORDER on non-component builds.
>
> Also, add this mitigation to the browser process.
>
> BUG=870463
>
> Change-Id: I1e749a4ede0b41cca69f60262fd878c57ed35564
> Reviewed-on: https://chromium-review.googlesource.com/1162581
> Reviewed-by: Penny MacNeil <pennymac@chromium.org>
> Commit-Queue: Will Harris <wfh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#581067}
TBR=pennymac@chromium.org,wfh@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: 870463
Change-Id: I2ae97b0955cc5d1196ab002e02285da05b3a4d35
Reviewed-on: https://chromium-review.googlesource.com/c/1292370
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Commit-Queue: David Benjamin <davidben@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#601318}
This commit is contained in:
@ -17,8 +17,7 @@ void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo* info) {
|
||||
// Ensure the proper mitigations are enforced for the browser process.
|
||||
sandbox::ApplyProcessMitigationsToCurrentProcess(
|
||||
sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
|
||||
sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY |
|
||||
sandbox::MITIGATION_DLL_SEARCH_ORDER);
|
||||
sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY);
|
||||
// Note: these mitigations are "post-startup". Some mitigations that need
|
||||
// to be enabled sooner (e.g. MITIGATION_EXTENSION_POINT_DISABLE) are done
|
||||
// so in Chrome_ELF.
|
||||
|
Reference in New Issue
Block a user