commit | d5c77910b9466a41343b8f0c4ebaa7a75a9aaccc | [log] [tgz] |
---|---|---|
author | Emily Andrews <emiled@microsoft.com> | Thu Nov 04 15:02:00 2021 |
committer | Copybara-Service <copybara-worker@google.com> | Thu Nov 04 15:19:14 2021 |
tree | bf32e846d651ef99c5685802233a308f62f3fe9a | |
parent | f3f872ac512e813655692dfad3a43eab17867b50 [diff] |
Win: Update KTM mitigation build number in process_mitigations_unittest.cc The KTM mitigation was added to the OS starting in KB5005101 for 19041, 19042, and 19043. This is already available in Windows build 19044 and up. Bug: 1172573 Change-Id: I954782f1fc40cd1a147d5846d787c37daf58a925 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3260845 Reviewed-by: Will Harris <wfh@chromium.org> Commit-Queue: Emily Andrews <emiled@microsoft.com> Cr-Commit-Position: refs/heads/main@{#938262} NOKEYCHECK=True GitOrigin-RevId: 7f2481f564485c9e1448372fe9c0cc0561a847a1
This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.
Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:
mac/
uses the Seatbelt sandbox. See the detailed design for more.linux/
uses namespaces and Seccomp-BPF. See the detailed design for more.win/
uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.Built on top of the low-level sandboxing library is the //sandbox/policy
component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.