diff options
Diffstat (limited to 'sandbox/win/src/sandbox_policy.h')
-rw-r--r-- | sandbox/win/src/sandbox_policy.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sandbox/win/src/sandbox_policy.h b/sandbox/win/src/sandbox_policy.h index 22a2049..6f096fb 100644 --- a/sandbox/win/src/sandbox_policy.h +++ b/sandbox/win/src/sandbox_policy.h @@ -183,6 +183,10 @@ class TargetPolicy { // Sets a capability to be enabled for the sandboxed process' AppContainer. virtual ResultCode SetCapability(const wchar_t* sid) = 0; + // Sets the LowBox token for sandboxed process. This is mutually exclusive + // with SetAppContainer method. + virtual ResultCode SetLowBox(const wchar_t* sid) = 0; + // Sets the mitigations enabled when the process is created. Most of these // are implemented as attributes passed via STARTUPINFOEX. So they take // effect before any thread in the target executes. The declaration of |