Chromium Code Reviews Chromium Code Reviews
Issue 868233011:
Start all children in their own PID namespace. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/common/sandbox_linux/sandbox_linux.h |
| diff --git a/content/common/sandbox_linux/sandbox_linux.h b/content/common/sandbox_linux/sandbox_linux.h |
| index 12aabcfc06da020d693ae8b721beb90f805723d1..de70446829e0189b3fadb37b37662773d1f1b96b 100644 |
| --- a/content/common/sandbox_linux/sandbox_linux.h |
| +++ b/content/common/sandbox_linux/sandbox_linux.h |
| @@ -118,6 +118,10 @@ class LinuxSandbox { |
| // to make some vulnerabilities harder to exploit. |
| bool LimitAddressSpace(const std::string& process_type); |
| + // Returns a file descriptor to proc. The file descriptor is no longer valid |
| + // after the sandbox has been sealed. |
| + int proc_fd() { return proc_fd_; } |
|
jln (very slow on Chromium)
2015/02/25 21:32:48
const
rickyz (no longer on Chrome)
2015/03/21 01:35:31
Done.
|
| + |
| #if defined(ANY_OF_AMTLU_SANITIZER) |
| __sanitizer_sandbox_arguments* sanitizer_args() const { |
| return sanitizer_args_.get(); |
