Revert 149692 - Create a LinuxSandbox class.

content/common/seccomp_sandbox.h

Index: content/common/seccomp_sandbox.h
===================================================================
--- content/common/seccomp_sandbox.h	(revision 149703)
+++ content/common/seccomp_sandbox.h	(working copy)
@@ -8,8 +8,14 @@
 // Seccomp enable/disable logic is centralized here.
 // - We define SECCOMP_SANDBOX if seccomp is compiled in at all: currently,
 //   on non-views (non-ChromeOS) non-ARM non-Clang Linux only.
+// - If we have SECCOMP_SANDBOX, we provide SeccompSandboxEnabled() as
+//   a run-time test to determine whether to turn on seccomp:
+//   currently, on by default in debug builds and off by default in
+//   release.
 
+#include "base/command_line.h"
 #include "build/build_config.h"
+#include "content/public/common/content_switches.h"
 
 #if defined(ARCH_CPU_X86_FAMILY) && !defined(CHROMIUM_SELINUX) && \
   !defined(OS_CHROMEOS) && !defined(TOOLKIT_VIEWS) && !defined(OS_OPENBSD)
@@ -17,4 +23,22 @@
 #include "sandbox/linux/seccomp-legacy/sandbox.h"
 #endif
 
+#if defined(SECCOMP_SANDBOX)
+// Return true if seccomp is enabled.
+static bool SeccompSandboxEnabled() {
+  // TODO(evan): turn on for release too once we've flushed out all the bugs,
+  // allowing us to delete this file entirely and just rely on the "disabled"
+  // switch.
+#ifdef NDEBUG
+  // Off by default; allow turning on with a switch.
+  return CommandLine::ForCurrentProcess()->HasSwitch(
+      switches::kEnableSeccompSandbox);
+#else
+  // On by default; allow turning off with a switch.
+  return !CommandLine::ForCurrentProcess()->HasSwitch(
+      switches::kDisableSeccompSandbox);
+#endif  // NDEBUG
+}
+#endif  // SECCOMP_SANDBOX
+
 #endif  // CONTENT_COMMON_SECCOMP_SANDBOX_H_