
Issue 750886


Issue metadata

Status: Verified
Closed: Mar 2018
OS: Windows
Pri: 2
Type: Feature

Blocking: issue 733739

[Windows Sandbox] Enable new FORCE_MS_SIGNED mitigation.

Project Member Reported by penny...@chromium.org, Jul 31 2017

Issue description

Enable MITIGATION_FORCE_MS_SIGNED_BINS post-startup on all sandboxed child processes.
 
Comment 1 by bugdroid1@chromium.org, Aug 8 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9e9ae5c744fa28bd50a3e7bb18d4f51016e560a2

commit 9e9ae5c744fa28bd50a3e7bb18d4f51016e560a2
Author: Penny MacNeil <pennymac@chromium.org>
Date: Tue Aug 08 01:35:38 2017

[Windows Sandbox] MS-signed binaries only, post-startup.

Enable MITIGATION_FORCE_MS_SIGNED_BINS post-startup (after warmup) on
all sandboxed child processes.  Any third-party modules must be loaded
at process startup.

Also includes a temporary emergency off switch. "WinSboxForceMsSigned" can be used on the command line to disable the block.

(Aside: this CL also removes the old emergency off switch around MITIGATION_EXTENSION_POINT_DISABLE - for child processes.)

TEST= sbox_integration_tests.exe, ProcessMitigationsTest.*
BUG= 750886 

Change-Id: I638aebade28ff42743b07d885dff8230a1e25c49
Reviewed-on: https://chromium-review.googlesource.com/596677
Commit-Queue: Penny MacNeil <pennymac@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#492495}
[modify] https://crrev.com/9e9ae5c744fa28bd50a3e7bb18d4f51016e560a2/content/common/sandbox_win.cc
[modify] https://crrev.com/9e9ae5c744fa28bd50a3e7bb18d4f51016e560a2/content/public/common/content_features.cc
[modify] https://crrev.com/9e9ae5c744fa28bd50a3e7bb18d4f51016e560a2/content/public/common/content_features.h

First hit canary in M62, branch 3180, 08 Aug 2017. (62.0.3180.x)
Here are the steps I used on Chrome Dev channel 62 since Beta was still on release 61. 

Start ZoomText 11.5.110.410 (64-bit) - I used Zoom Level 2.25
Start Google Chrome 62.0.3202.9 (Official Build) dev (64-bit) (cohort: Dev)
Fonts appear to be smooth, no anomalies seen. 
Note the following messages appeared. I didn't follow any of the instructions except opening ZoomText first for this specific test. 

https://screenshot.googleplex.com/DpyYfTXMJqd.png
https://screenshot.googleplex.com/ZQ66oHGEqKh.png
Status: Verified (was: Assigned)
Summary: [Windows Sandbox] Enable new FORCE_MS_SIGNED mitigation. (was: [Windows Sandbox] Enable new process mitigations)
Blocking: 733739

Comment 7 by bugdroid1@chromium.org, Mar 27 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0491c375745f4f948e7c41df2c0824d69fe39bee

commit 0491c375745f4f948e7c41df2c0824d69fe39bee
Author: Penny MacNeil <pennymac@chromium.org>
Date: Tue Mar 27 19:17:18 2018

[Windows Sandbox] Remove temp emergency-off switch.

Remove "WinSboxForceMsSigned" feature off switch.  The mitigation has been on for
all sandboxed child processes since M62.

R: forshaw@chromium.org
BUG:  750886 
Change-Id: I9ea899e512d16db110fe9da33fa2d50758c3da82
Reviewed-on: https://chromium-review.googlesource.com/972360
Commit-Queue: Penny MacNeil <pennymac@chromium.org>
Reviewed-by: James Forshaw <forshaw@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Cr-Commit-Position: refs/heads/master@{#546196}
[modify] https://crrev.com/0491c375745f4f948e7c41df2c0824d69fe39bee/services/service_manager/sandbox/features.cc
[modify] https://crrev.com/0491c375745f4f948e7c41df2c0824d69fe39bee/services/service_manager/sandbox/features.h
[modify] https://crrev.com/0491c375745f4f948e7c41df2c0824d69fe39bee/services/service_manager/sandbox/win/sandbox_win.cc
