Side by Side Diff: sandbox/linux/suid/sandbox.c

Issue 197213015: [Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Add function Created 6 years, 8 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox 5 // http://code.google.com/p/chromium/wiki/LinuxSUIDSandbox
6 6
7 #include "common/sandbox.h" 7 #include "common/sandbox.h"
8 8
9 #define _GNU_SOURCE 9 #define _GNU_SOURCE
10 #include <asm/unistd.h> 10 #include <asm/unistd.h>
(...skipping 285 matching lines...) Expand 10 before | Expand all | Expand 10 after
296 296
297 break; 297 break;
298 } 298 }
299 299
300 // If EINVAL then the system doesn't support the requested flags, so 300 // If EINVAL then the system doesn't support the requested flags, so
301 // continue to try a different set. 301 // continue to try a different set.
302 // On any other errno value the system *does* support these flags but 302 // On any other errno value the system *does* support these flags but
303 // something went wrong, hence we bail with an error message rather then 303 // something went wrong, hence we bail with an error message rather then
304 // provide less security. 304 // provide less security.
305 if (errno != EINVAL) { 305 if (errno != EINVAL) {
306 fprintf(stderr, "Failed to move to new namespace:");
306 if (kCloneExtraFlags[i] & CLONE_NEWPID) { 307 if (kCloneExtraFlags[i] & CLONE_NEWPID) {
307 fprintf(stderr, " PID namespaces supported"); 308 fprintf(stderr, " PID namespaces supported,");
308 } 309 }
309 if (kCloneExtraFlags[i] & CLONE_NEWNET) { 310 if (kCloneExtraFlags[i] & CLONE_NEWNET) {
310 fprintf(stderr, " Network namespace supported"); 311 fprintf(stderr, " Network namespace supported,");
311 } 312 }
312 fprintf(stderr, "but failed: errno = %s\n", strerror(clone_errno)); 313 fprintf(stderr, " but failed: errno = %s\n", strerror(clone_errno));
313 return false; 314 return false;
314 } 315 }
315 } 316 }
316 317
317 // If the system doesn't support NEWPID then we carry on anyway. 318 // If the system doesn't support NEWPID then we carry on anyway.
318 return true; 319 return true;
319 } 320 }
320 321
321 static bool DropRoot() { 322 static bool DropRoot() {
322 if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0)) { 323 if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0)) {
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after
479 !endptr || *endptr || errno != 0) 480 !endptr || *endptr || errno != 0)
480 return 1; 481 return 1;
481 return AdjustOOMScore(pid, score); 482 return AdjustOOMScore(pid, score);
482 } 483 }
483 484
484 // Protect the core setuid sandbox functionality with an API version 485 // Protect the core setuid sandbox functionality with an API version
485 if (!CheckAndExportApiVersion()) { 486 if (!CheckAndExportApiVersion()) {
486 return 1; 487 return 1;
487 } 488 }
488 489
490 if (geteuid() != 0) {
491 fprintf(stderr,
492 "The setuid sandbox is not running as root. Common causes:\n"
493 " * An unprivileged process using ptrace on it, like a debugger.\n"
494 " * A parent process set prctl(PR_SET_NO_NEW_PRIVS, ...)\n");
495 }
496
489 if (!MoveToNewNamespaces()) 497 if (!MoveToNewNamespaces())
490 return 1; 498 return 1;
491 if (!SpawnChrootHelper()) 499 if (!SpawnChrootHelper())
492 return 1; 500 return 1;
493 if (!DropRoot()) 501 if (!DropRoot())
494 return 1; 502 return 1;
495 if (!SetupChildEnvironment()) 503 if (!SetupChildEnvironment())
496 return 1; 504 return 1;
497 505
498 execv(argv[1], &argv[1]); 506 execv(argv[1], &argv[1]);
499 FatalError("execv failed"); 507 FatalError("execv failed");
500 508
501 return 1; 509 return 1;
502 } 510 }
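Review bot: The new geteuid() check in main() (new lines 490-495) only prints the diagnostic and then falls through to MoveToNewNamespaces(), so a non-root run is reported a second time by the less specific "Failed to move to new namespace" path, or, on a kernel that answers EINVAL for every flag set and therefore returns true at new line 319 ("we carry on anyway"), continues into SpawnChrootHelper() and DropRoot() without privileges; what those need is not visible in this hunk. If running without euid 0 is never useful for this setuid helper, end the branch with `return 1;` so the cause is reported once and the process stops there; if the fall-through is deliberate, say so, e.g. `// Not fatal here: the namespace/chroot steps below report the concrete failure.` Separately, the error branch in MoveToNewNamespaces() tests `errno` on old/new line 305 but prints `strerror(clone_errno)` on new line 313; unless errno is guaranteed untouched between the clone and this test (the start of that loop lies outside the hunk), the saved value should be the one compared, `if (clone_errno != EINVAL) {`, so the message and the decision agree.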