| Index: content/common/sandbox_seccomp_bpf_linux.cc
|
| diff --git a/content/common/sandbox_seccomp_bpf_linux.cc b/content/common/sandbox_seccomp_bpf_linux.cc
|
| index 4fc7b3ce7d950511b9d19c18b85976b6d4fcd39b..d9dcfd1b6f773f4f9af10fb5591546972c44325c 100644
|
| --- a/content/common/sandbox_seccomp_bpf_linux.cc
|
| +++ b/content/common/sandbox_seccomp_bpf_linux.cc
|
| @@ -1241,7 +1241,7 @@ ErrorCode GpuProcessPolicy_x86_64(int sysno) {
|
| }
|
| }
|
|
|
| -ErrorCode RendererProcessPolicy_x86_64(int sysno) {
|
| +ErrorCode RendererOrWorkerProcessPolicy_x86_64(int sysno) {
|
| switch (sysno) {
|
| case __NR_ioctl: // TODO(jln) investigate legitimate use in the renderer
|
| // and see if alternatives can be used.
|
| @@ -1360,13 +1360,11 @@ Sandbox::EvaluateSyscall GetProcessSyscallPolicy(
|
| return FlashProcessPolicy_x86_64;
|
| }
|
|
|
| - if (process_type == switches::kRendererProcess) {
|
| - return RendererProcessPolicy_x86_64;
|
| + if (process_type == switches::kRendererProcess ||
|
| + process_type == switches::kWorkerProcess) {
|
| + return RendererOrWorkerProcessPolicy_x86_64;
|
| }
|
|
|
| - if (process_type == switches::kWorkerProcess) {
|
| - return BlacklistDebugAndNumaPolicy;
|
| - }
|
| NOTREACHED();
|
| // This will be our default if we need one.
|
| return AllowAllPolicy;
|
|
|
Chromium Code Reviews
Issue 10907035:
Linux Sandbox: sandbox workers (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src