OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/renderer_main_platform_delegate.h" | 5 #include "content/renderer/renderer_main_platform_delegate.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "content/common/seccomp_sandbox.h" | 8 #include "content/common/seccomp_sandbox.h" |
9 #include "content/public/common/content_switches.h" | 9 #include "content/public/common/content_switches.h" |
| 10 #include "content/public/common/sandbox_init.h" |
10 | 11 |
11 RendererMainPlatformDelegate::RendererMainPlatformDelegate( | 12 RendererMainPlatformDelegate::RendererMainPlatformDelegate( |
12 const content::MainFunctionParams& parameters) | 13 const content::MainFunctionParams& parameters) |
13 : parameters_(parameters) { | 14 : parameters_(parameters) { |
14 } | 15 } |
15 | 16 |
16 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { | 17 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { |
17 } | 18 } |
18 | 19 |
19 void RendererMainPlatformDelegate::PlatformInitialize() { | 20 void RendererMainPlatformDelegate::PlatformInitialize() { |
(...skipping 14 matching lines...) Expand all Loading... |
34 // | 35 // |
35 // The seccomp sandbox is started in the renderer. | 36 // The seccomp sandbox is started in the renderer. |
36 // http://code.google.com/p/seccompsandbox/ | 37 // http://code.google.com/p/seccompsandbox/ |
37 #if defined(SECCOMP_SANDBOX) | 38 #if defined(SECCOMP_SANDBOX) |
38 // N.b. SupportsSeccompSandbox() returns a cached result, as we already | 39 // N.b. SupportsSeccompSandbox() returns a cached result, as we already |
39 // called it earlier in the zygote. Thus, it is OK for us to not pass in | 40 // called it earlier in the zygote. Thus, it is OK for us to not pass in |
40 // a file descriptor for "/proc". | 41 // a file descriptor for "/proc". |
41 if (SeccompSandboxEnabled() && SupportsSeccompSandbox(-1)) | 42 if (SeccompSandboxEnabled() && SupportsSeccompSandbox(-1)) |
42 StartSeccompSandbox(); | 43 StartSeccompSandbox(); |
43 #endif | 44 #endif |
| 45 content::InitializeSandbox(); |
44 return true; | 46 return true; |
45 } | 47 } |
46 | 48 |
47 void RendererMainPlatformDelegate::RunSandboxTests() { | 49 void RendererMainPlatformDelegate::RunSandboxTests() { |
48 // The sandbox is started in the zygote process: zygote_main_linux.cc | 50 // The sandbox is started in the zygote process: zygote_main_linux.cc |
49 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox | 51 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox |
50 } | 52 } |
OLD | NEW |