base/process/launch.h - Issue 197213015: [Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: base/process/launch.h

Issue 197213015: [Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Address jln's comments Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: base/process/launch.h

diff --git a/base/process/launch.h b/base/process/launch.h

index d725e05eced8606dafbc3e7134814684e195912b..421982ff72a4c841f7847dffdb13dcd981b74d11 100644

--- a/base/process/launch.h

+++ b/base/process/launch.h

@@ -111,6 +111,10 @@ struct BASE_EXPORT LaunchOptions {

#if defined(OS_LINUX)

// If non-zero, start the process using clone(), using flags as provided.

int clone_flags;

+ // By default, child processes will have the PR_SET_NO_NEW_PRIVS bit set. If

+ // true, then this bit will not be set in the new child process.

+ bool allow_new_privs;

#endif // defined(OS_LINUX)

#if defined(OS_CHROMEOS)