Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2084)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc

Issue 197213015: [Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address jln's comments Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chrome_main_browsertest.cc ('k') | chrome/browser/sessions/session_restore_browsertest.cc » ('j') | sandbox/linux/suid/sandbox.c » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc
diff --git a/chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc b/chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc
index 344fcf42bbdc90743b8b0ed781cd4f4204dd9b48..e4dd5a849958399d3a201368f5fbf4025958de42 100644
--- a/chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc
+++ b/chrome/browser/printing/cloud_print/test/cloud_print_policy_browsertest.cc
@@ -45,9 +45,16 @@ IN_PROC_BROWSER_TEST_F(CloudPrintPolicyTest, NormalPassedFlag) {
chrome::NOTIFICATION_TAB_ADDED,
content::NotificationService::AllSources());
+ base::LaunchOptions options;
+#if defined(OS_LINUX)
+ // To prevent accidental privilege sharing to an untrusted child, processes
+ // are started with PR_SET_NO_NEW_PRIVS. Do not set that here, since this
+ // new child will be a test browser process.
+ options.allow_new_privs = true;
+#endif
base::ProcessHandle handle;
bool launched =
- base::LaunchProcess(new_command_line, base::LaunchOptions(), &handle);
+ base::LaunchProcess(new_command_line, options, &handle);
EXPECT_TRUE(launched);
observer.Wait();
@@ -67,9 +74,16 @@ IN_PROC_BROWSER_TEST_F(CloudPrintPolicyTest, DISABLED_CloudPrintPolicyFlag) {
CommandLine new_command_line(GetCommandLineForRelaunch());
new_command_line.AppendSwitch(switches::kCheckCloudPrintConnectorPolicy);
+ base::LaunchOptions options;
+#if defined(OS_LINUX)
+ // To prevent accidental privilege sharing to an untrusted child, processes
+ // are started with PR_SET_NO_NEW_PRIVS. Do not set that here, since this
+ // new child will be a test browser process.
+ options.allow_new_privs = true;
+#endif
base::ProcessHandle handle;
bool launched =
- base::LaunchProcess(new_command_line, base::LaunchOptions(), &handle);
+ base::LaunchProcess(new_command_line, options, &handle);
EXPECT_TRUE(launched);
int exit_code = -100;
« no previous file with comments | « chrome/browser/chrome_main_browsertest.cc ('k') | chrome/browser/sessions/session_restore_browsertest.cc » ('j') | sandbox/linux/suid/sandbox.c » ('J')

Powered by Google App Engine
This is Rietveld 408576698