|
Lines 912-928
bool SandboxBroker::SetSecurityLevelForS
|
Link Here
|
---|
|
912 |
} |
912 |
} |
913 |
|
913 |
|
914 |
auto result = |
914 |
auto result = |
915 |
SetJobLevel(mPolicy, sandbox::JOB_LOCKDOWN, 0 /* ui_exceptions */); |
915 |
SetJobLevel(mPolicy, sandbox::JOB_LOCKDOWN, 0 /* ui_exceptions */); |
916 |
SANDBOX_ENSURE_SUCCESS( |
916 |
SANDBOX_ENSURE_SUCCESS( |
917 |
result, |
917 |
result, |
918 |
"SetJobLevel should never fail with these arguments, what happened?"); |
918 |
"SetJobLevel should never fail with these arguments, what happened?"); |
919 |
|
919 |
|
920 |
result = mPolicy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, |
920 |
result = mPolicy->SetTokenLevel(sandbox::USER_LIMITED, |
921 |
sandbox::USER_LIMITED); |
921 |
sandbox::USER_LIMITED); |
922 |
SANDBOX_ENSURE_SUCCESS( |
922 |
SANDBOX_ENSURE_SUCCESS( |
923 |
result, |
923 |
result, |
924 |
"SetTokenLevel should never fail with these arguments, what happened?"); |
924 |
"SetTokenLevel should never fail with these arguments, what happened?"); |
925 |
|
925 |
|
926 |
result = mPolicy->SetAlternateDesktop(true); |
926 |
result = mPolicy->SetAlternateDesktop(true); |
927 |
if (NS_WARN_IF(result != sandbox::SBOX_ALL_OK)) { |
927 |
if (NS_WARN_IF(result != sandbox::SBOX_ALL_OK)) { |
928 |
LOG_W("SetAlternateDesktop failed, result: %i, last error: %x", result, |
928 |
LOG_W("SetAlternateDesktop failed, result: %i, last error: %x", result, |