by rcdrone » Wed Mar 04, 2020 2:44 pm
no_sandbox was already set to true. This is the relevant code block from CefContext::Initialize:

    sandbox::SandboxInterfaceInfo sandbox_info = {0};
    if (windows_sandbox_info == nullptr) {
      // Only reached when the embedder passes no sandbox info of its own.
      content::InitializeSandboxInfo(&sandbox_info); // bad for OBS
      windows_sandbox_info = &sandbox_info;
      settings_.no_sandbox = true;
    }
This is the Chromium implementation of content::InitializeSandboxInfo:

    void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo* info) {
      info->broker_services = sandbox::SandboxFactory::GetBrokerServices();
      if (!info->broker_services) {
        // No broker services: this is a sandbox target process.
        info->target_services = sandbox::SandboxFactory::GetTargetServices();
      } else {
        // Ensure the proper mitigations are enforced for the browser process.
        sandbox::ApplyProcessMitigationsToCurrentProcess(
            sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
            sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY);
        // Note: these mitigations are "post-startup". Some mitigations that need
        // to be enabled sooner (e.g. MITIGATION_EXTENSION_POINT_DISABLE) are done
        // so in Chrome_ELF.
      }
    }
MITIGATION_HARDEN_TOKEN_IL_POLICY is bad for OBS. The CEF version of InitializeSandboxInfo works better for us, but cef_sandbox.lib is proving problematic to build and link against.

    void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo* info) {
      info->broker_services = sandbox::SandboxFactory::GetBrokerServices();
      if (!info->broker_services) {
        // No broker services: this is a sandbox target process.
        info->target_services = sandbox::SandboxFactory::GetTargetServices();
      } else {
        // Ensure the proper mitigations are enforced for the browser process.
        // Same as Chromium's version, minus MITIGATION_HARDEN_TOKEN_IL_POLICY.
        sandbox::ApplyProcessMitigationsToCurrentProcess(
            sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK);
      }
    }

The current solution they have arrived at is to pass uintptr_t[32]{} as windows_sandbox_info, which I am not a fan of.
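Added example, not code from the post, from CEF or from OBS: a small C++ model of the CefContext::Initialize branch quoted above, showing that the untyped uintptr_t[32]{} workaround and a zero-initialized sandbox::SandboxInterfaceInfo both keep content::InitializeSandboxInfo (and with it MITIGATION_HARDEN_TOKEN_IL_POLICY) from running in the host process, and that only the latter is type-checked. The sandbox:: types, the Model* functions and the is_broker flag are stand-ins for the real headers (sandbox/win/src/sandbox_types.h, include/cef_app.h) and are assumptions made so the example compiles stand-alone.

```cpp
#include <cstdint>
#include <cstdio>

namespace sandbox {
// Assumption: simplified stand-in for the real SandboxInterfaceInfo, keeping
// only the two members the post's InitializeSandboxInfo writes to.
struct BrokerServices;
struct TargetServices;
struct SandboxInterfaceInfo {
  BrokerServices* broker_services = nullptr;
  TargetServices* target_services = nullptr;
};
// Assumption: bit values are arbitrary; only the names matter here.
enum MitigationFlags : unsigned {
  MITIGATION_DEP = 1u << 0,
  MITIGATION_DEP_NO_ATL_THUNK = 1u << 1,
  MITIGATION_HARDEN_TOKEN_IL_POLICY = 1u << 2,
};
}  // namespace sandbox

// What the model records instead of touching the real process.
struct ModelResult {
  bool init_sandbox_info_ran;  // did the "bad for OBS" call happen?
  unsigned mitigations;        // flags a real run would have applied
  bool no_sandbox;             // settings_.no_sandbox after the block
};

// Mirrors Chromium's content::InitializeSandboxInfo. Whether
// GetBrokerServices() returns non-null depends on how the process was
// launched, so it is passed in as is_broker (assumption of this model).
static unsigned ModelInitializeSandboxInfo(sandbox::SandboxInterfaceInfo* info,
                                           bool is_broker) {
  if (!is_broker) {
    // Target process: only target_services is filled in, no mitigations.
    info->target_services = nullptr;
    return 0;
  }
  return sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
         sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY;
}

// Mirrors the CefContext::Initialize block from the post, with no_sandbox
// already true on entry as the post states.
ModelResult ModelCefInitialize(void* windows_sandbox_info, bool is_broker) {
  bool no_sandbox = true;
  ModelResult r{false, 0, no_sandbox};
  sandbox::SandboxInterfaceInfo sandbox_info = {};
  if (windows_sandbox_info == nullptr) {
    r.mitigations = ModelInitializeSandboxInfo(&sandbox_info, is_broker);
    windows_sandbox_info = &sandbox_info;
    no_sandbox = true;
    r.init_sandbox_info_ran = true;
  }
  r.no_sandbox = no_sandbox;
  return r;
}

// Embedder passes nothing: the mitigation path runs in a broker process.
ModelResult InitWithNull(bool is_broker) {
  return ModelCefInitialize(nullptr, is_broker);
}

// The workaround described in the post: an untyped block of zeroed words.
// It works only because CEF checks for nullptr and the block happens to be
// at least as large as the real struct, which nothing type-checks.
ModelResult InitWithUntypedHack(bool is_broker) {
  static uintptr_t hack[32] = {};
  static_assert(sizeof(hack) >= sizeof(sandbox::SandboxInterfaceInfo),
                "the untyped block must cover the whole struct");
  return ModelCefInitialize(hack, is_broker);
}

// Type-safe equivalent: a zero-initialized value of the real struct type,
// owned by the embedder for as long as CEF is initialized.
ModelResult InitWithTypedEmptyInfo(bool is_broker) {
  static sandbox::SandboxInterfaceInfo empty = {};
  return ModelCefInitialize(&empty, is_broker);
}

bool TokenHardeningApplied(const ModelResult& r) {
  return (r.mitigations & sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY) != 0;
}

int main() {
  std::printf("null info, broker:   token hardening = %d\n",
              TokenHardeningApplied(InitWithNull(true)));
  std::printf("uintptr_t[32] hack:  token hardening = %d\n",
              TokenHardeningApplied(InitWithUntypedHack(true)));
  std::printf("typed empty struct:  token hardening = %d\n",
              TokenHardeningApplied(InitWithTypedEmptyInfo(true)));
  return 0;
}
```

The model only reproduces the control flow visible in the post; in a real build the typed object must be a `sandbox::SandboxInterfaceInfo` from the CEF/Chromium headers, and no_sandbox still has to be set by the embedder, since CEF only sets it on the nullptr branch.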