Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(517)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/renderer_main_platform_delegate_linux.cc

Issue 10546130: Merge 140080 - Block ptrace (and ptrace-like) syscalls from the renderer and worker processs. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1132/src/
Patch Set: Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/common/sandbox_init_linux.cc ('k') | content/worker/worker_main.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/renderer_main_platform_delegate.h" 5 #include "content/renderer/renderer_main_platform_delegate.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "content/common/seccomp_sandbox.h" 8 #include "content/common/seccomp_sandbox.h"
9 #include "content/public/common/content_switches.h" 9 #include "content/public/common/content_switches.h"
10 #include "content/public/common/sandbox_init.h"
10 11
11 RendererMainPlatformDelegate::RendererMainPlatformDelegate( 12 RendererMainPlatformDelegate::RendererMainPlatformDelegate(
12 const content::MainFunctionParams& parameters) 13 const content::MainFunctionParams& parameters)
13 : parameters_(parameters) { 14 : parameters_(parameters) {
14 } 15 }
15 16
16 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { 17 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() {
17 } 18 }
18 19
19 void RendererMainPlatformDelegate::PlatformInitialize() { 20 void RendererMainPlatformDelegate::PlatformInitialize() {
(...skipping 14 matching lines...) Expand all
34 // 35 //
35 // The seccomp sandbox is started in the renderer. 36 // The seccomp sandbox is started in the renderer.
36 // http://code.google.com/p/seccompsandbox/ 37 // http://code.google.com/p/seccompsandbox/
37 #if defined(SECCOMP_SANDBOX) 38 #if defined(SECCOMP_SANDBOX)
38 // N.b. SupportsSeccompSandbox() returns a cached result, as we already 39 // N.b. SupportsSeccompSandbox() returns a cached result, as we already
39 // called it earlier in the zygote. Thus, it is OK for us to not pass in 40 // called it earlier in the zygote. Thus, it is OK for us to not pass in
40 // a file descriptor for "/proc". 41 // a file descriptor for "/proc".
41 if (SeccompSandboxEnabled() && SupportsSeccompSandbox(-1)) 42 if (SeccompSandboxEnabled() && SupportsSeccompSandbox(-1))
42 StartSeccompSandbox(); 43 StartSeccompSandbox();
43 #endif 44 #endif
45 content::InitializeSandbox();
44 return true; 46 return true;
45 } 47 }
46 48
47 void RendererMainPlatformDelegate::RunSandboxTests() { 49 void RendererMainPlatformDelegate::RunSandboxTests() {
48 // The sandbox is started in the zygote process: zygote_main_linux.cc 50 // The sandbox is started in the zygote process: zygote_main_linux.cc
49 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox 51 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox
50 } 52 }
OLDNEW
« no previous file with comments | « content/common/sandbox_init_linux.cc ('k') | content/worker/worker_main.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698