-
forshaw authored
This patch adds impersonation of the anonymous token around calls to the CloseClipboard system call. On Windows 8+ the win32k driver captures the access token of the caller and makes it available to other users on the desktop through the system call GetClipboardAccessToken. This introduces a risk of privilege escalation in sandboxed processes. By performing the impersonation then whenever Chrome writes data to the clipboard only the anonymous token is available. BUG=440693 Review URL: https://codereview.chromium.org/792413003 Cr-Commit-Position: refs/heads/master@{#308372}
56332e21
