commit 441d852dbcb7b9b31328393c7e31562b1e268399
author Penny MacNeil <pennymac@chromium.org> Wed Feb 03 17:33:31 2016
committer Penny MacNeil <pennymac@chromium.org> Wed Feb 03 17:36:13 2016
tree d1ae86ec80bc2b28d7b2dfbfa55c32db30a4edb7
parent 5afc367d65356a8681ad1ae74eee38a18a545f76

[Win10 sandbox mitigations]  Four new Win10 mitigations added.

1. Disable non-system font loading on >= WIN10 (MITIGATION_NONSYSTEM_FONT_DISABLE).
2. Disable image loads from remote devices on >= WIN10_TH2 (MITIGATION_IMAGE_LOAD_NO_REMOTE).
3. Disable loading images that are labelled low integrity mandatory on >= WIN10_TH2 (MITIGATION_IMAGE_LOAD_NO_LOW_LABEL).
4. Extra disabling of child process creation on >= WIN10_TH2.  In BrokerServicesBase::SpawnTarget(), if JobLevel <= JOB_LIMITED_USER, set PROC_THREAD_ATTRIBUTE_CHILD_PROCESS_POLICY to PROCESS_CREATION_CHILD_PROCESS_RESTRICTED via UpdateProcThreadAttribute().

This CL enables all four mitigations on every Chrome process except for
browser.  sbox_integration_tests have also been updated appropriately.

base::win::VERSION_WIN10_TH2 has been added to identify
Threshold 2/1511/10586.

BUG=504006
R=jschuh@chromium.org, wfh@chromium.org

Review URL: https://codereview.chromium.org/1626623003 .

Cr-Commit-Position: refs/heads/master@{#373265}