OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/zygote_host_impl_linux.h" | 5 #include "content/browser/zygote_host_impl_linux.h" |
6 | 6 |
7 #include <sys/socket.h> | 7 #include <sys/socket.h> |
8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
9 #include <sys/types.h> | 9 #include <sys/types.h> |
10 #include <unistd.h> | 10 #include <unistd.h> |
(...skipping 20 matching lines...)
31 #include "content/public/browser/content_browser_client.h" | 31 #include "content/public/browser/content_browser_client.h" |
32 #include "content/public/common/content_switches.h" | 32 #include "content/public/common/content_switches.h" |
33 #include "content/public/common/result_codes.h" | 33 #include "content/public/common/result_codes.h" |
34 #include "sandbox/linux/suid/sandbox.h" | 34 #include "sandbox/linux/suid/sandbox.h" |
35 #include "sandbox/linux/suid/suid_unsafe_environment_variables.h" | 35 #include "sandbox/linux/suid/suid_unsafe_environment_variables.h" |
36 | 36 |
37 #if defined(USE_TCMALLOC) | 37 #if defined(USE_TCMALLOC) |
38 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" | 38 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" |
39 #endif | 39 #endif |
40 | 40 |
| 41 // Set an environment variable that reflects the API version we expect from the |
| 42 // setuid sandbox. Old versions of the sandbox will ignore this. |
| 43 static void SetSandboxAPIEnvironmentVariable() { |
| 44 scoped_ptr<base::Environment> env(base::Environment::Create()); |
| 45 env->SetVar(base::kSandboxEnvironmentApiRequest, |
| 46 base::IntToString(base::kSUIDSandboxApiNumber)); |
| 47 } |
| 48 |
41 static void SaveSUIDUnsafeEnvironmentVariables() { | 49 static void SaveSUIDUnsafeEnvironmentVariables() { |
42 // The ELF loader will clear many environment variables so we save them to | 50 // The ELF loader will clear many environment variables so we save them to |
43 // different names here so that the SUID sandbox can resolve them for the | 51 // different names here so that the SUID sandbox can resolve them for the |
44 // renderer. | 52 // renderer. |
45 | 53 |
46 for (unsigned i = 0; kSUIDUnsafeEnvironmentVariables[i]; ++i) { | 54 for (unsigned i = 0; kSUIDUnsafeEnvironmentVariables[i]; ++i) { |
47 const char* const envvar = kSUIDUnsafeEnvironmentVariables[i]; | 55 const char* const envvar = kSUIDUnsafeEnvironmentVariables[i]; |
48 char* const saved_envvar = SandboxSavedEnvironmentVariable(envvar); | 56 char* const saved_envvar = SandboxSavedEnvironmentVariable(envvar); |
49 if (!saved_envvar) | 57 if (!saved_envvar) |
50 continue; | 58 continue; |
(...skipping 88 matching lines...)
139 } | 147 } |
140 | 148 |
141 if (access(sandbox_binary_.c_str(), X_OK) == 0 && | 149 if (access(sandbox_binary_.c_str(), X_OK) == 0 && |
142 (st.st_uid == 0) && | 150 (st.st_uid == 0) && |
143 (st.st_mode & S_ISUID) && | 151 (st.st_mode & S_ISUID) && |
144 (st.st_mode & S_IXOTH)) { | 152 (st.st_mode & S_IXOTH)) { |
145 using_suid_sandbox_ = true; | 153 using_suid_sandbox_ = true; |
146 cmd_line.PrependWrapper(sandbox_binary_); | 154 cmd_line.PrependWrapper(sandbox_binary_); |
147 | 155 |
148 SaveSUIDUnsafeEnvironmentVariables(); | 156 SaveSUIDUnsafeEnvironmentVariables(); |
| 157 SetSandboxAPIEnvironmentVariable(); |
149 } else { | 158 } else { |
150 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " | 159 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " |
151 "configured correctly. Rather than run without sandboxing " | 160 "configured correctly. Rather than run without sandboxing " |
152 "I'm aborting now. You need to make sure that " | 161 "I'm aborting now. You need to make sure that " |
153 << sandbox_binary_ << " is owned by root and has mode 4755."; | 162 << sandbox_binary_ << " is owned by root and has mode 4755."; |
154 } | 163 } |
155 } else { | 164 } else { |
156 LOG(WARNING) << "Running without the SUID sandbox! See " | 165 LOG(WARNING) << "Running without the SUID sandbox! See " |
157 "http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment " | 166 "http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment " |
158 "for more information on developing with the sandbox on."; | 167 "for more information on developing with the sandbox on."; |
(...skipping 332 matching lines...)
491 | 500 |
492 pid_t ZygoteHostImpl::GetSandboxHelperPid() const { | 501 pid_t ZygoteHostImpl::GetSandboxHelperPid() const { |
493 return RenderSandboxHostLinux::GetInstance()->pid(); | 502 return RenderSandboxHostLinux::GetInstance()->pid(); |
494 } | 503 } |
495 | 504 |
496 int ZygoteHostImpl::GetSandboxStatus() const { | 505 int ZygoteHostImpl::GetSandboxStatus() const { |
497 if (have_read_sandbox_status_word_) | 506 if (have_read_sandbox_status_word_) |
498 return sandbox_status_; | 507 return sandbox_status_; |
499 return 0; | 508 return 0; |
500 } | 509 } |
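Review bot: The return value of `env->SetVar(...)` in the new SetSandboxAPIEnvironmentVariable() is dropped, so if the variable cannot be set the setuid helper is still started and, going by the comment on the function, has no way to tell this browser from one that predates the API handshake. Since the surrounding branch already aborts with LOG(FATAL) rather than run with a misconfigured helper, the same strictness fits here: `if (!env->SetVar(base::kSandboxEnvironmentApiRequest, base::IntToString(base::kSUIDSandboxApiNumber)))` followed by `LOG(FATAL) << "Failed to set the SUID sandbox API request variable";`. The variable is also written into the browser's own environment, so every child launched afterwards inherits it, not only the helper; a one-line comment saying that this is intentional would help. Whether the browser later checks the API version the helper actually speaks is not visible in this section.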
OLD | NEW |