| Index: chrome/browser/chrome_main_browsertest.cc
|
| diff --git a/chrome/browser/chrome_main_browsertest.cc b/chrome/browser/chrome_main_browsertest.cc
|
| index 30bcf7156c9e7fddd1c0cc3db0e5d301ce2ae4b0..05faa67f82c58d75b8cb7810de54f56317399b25 100644
|
| --- a/chrome/browser/chrome_main_browsertest.cc
|
| +++ b/chrome/browser/chrome_main_browsertest.cc
|
| @@ -32,7 +32,14 @@ class ChromeMainTest : public InProcessBrowserTest {
|
| ChromeMainTest() {}
|
|
|
| void Relaunch(const CommandLine& new_command_line) {
|
| - base::LaunchProcess(new_command_line, base::LaunchOptions(), NULL);
|
| + base::LaunchOptions options;
|
| +#if defined(OS_LINUX)
|
| + // To prevent accidental privilege sharing to an untrusted child, processes
|
| + // are started with PR_SET_NO_NEW_PRIVS. Do not set that here, since this
|
| + // new child will be a test browser process.
|
| + options.allow_new_privs = true;
|
| +#endif
|
| + base::LaunchProcess(new_command_line, options, NULL);
|
| }
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 197213015:
[Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src