sandbox/linux/services/credentials.cc - Issue 868233011: Start all children in their own PID namespace.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/services/credentials.cc

Issue 868233011: Start all children in their own PID namespace. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Respond to more comments. Created 5 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« content/zygote/zygote_linux.cc ('K') | « sandbox/linux/services/credentials.h ('k') | sandbox/linux/services/namespace_sandbox.h » ('j') | sandbox/linux/services/namespace_sandbox_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: sandbox/linux/services/credentials.cc

diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc

index 2e66d97cf53a45895d0ea7caeb1e8315f0a510a8..4a606db6432175aa90f2c40169b43f7e05345ece 100644

--- a/sandbox/linux/services/credentials.cc

+++ b/sandbox/linux/services/credentials.cc

@@ -125,6 +125,7 @@ int LinuxCapabilityToKernelValue(LinuxCapability cap) {

} // namespace.

+// static

bool Credentials::DropAllCapabilities(int proc_fd) {

if (!SetCapabilities(proc_fd, std::vector<LinuxCapability>())) {

return false;

@@ -134,22 +135,20 @@ bool Credentials::DropAllCapabilities(int proc_fd) {

return true;

}

+// static

bool Credentials::DropAllCapabilities() {

base::ScopedFD proc_fd(ProcUtil::OpenProc());

return Credentials::DropAllCapabilities(proc_fd.get());

}

// static

-bool Credentials::SetCapabilities(int proc_fd,

- const std::vector<LinuxCapability>& caps) {

- DCHECK_LE(0, proc_fd);

-#if !defined(THREAD_SANITIZER)

- // With TSAN, accept to break the security model as it is a testing

- // configuration.

- CHECK(ThreadHelpers::IsSingleThreaded(proc_fd));

-#endif

+bool Credentials::DropAllCapabilitiesOnCurrentThread() {

+ return SetCapabilitiesOnCurrentThread(std::vector<LinuxCapability>());

+// static

+bool Credentials::SetCapabilitiesOnCurrentThread(

+ const std::vector<LinuxCapability>& caps) {

struct cap_hdr hdr = {};

hdr.version = _LINUX_CAPABILITY_VERSION_3;

struct cap_data data[_LINUX_CAPABILITY_U32S_3] = {{}};

@@ -167,6 +166,20 @@ bool Credentials::SetCapabilities(int proc_fd,

return sys_capset(&hdr, data) == 0;

}

+// static

+bool Credentials::SetCapabilities(int proc_fd,

+ const std::vector<LinuxCapability>& caps) {

+ DCHECK_LE(0, proc_fd);

+#if !defined(THREAD_SANITIZER)

+ // With TSAN, accept to break the security model as it is a testing

+ // configuration.

+ CHECK(ThreadHelpers::IsSingleThreaded(proc_fd));

+#endif

+ return SetCapabilitiesOnCurrentThread(caps);

bool Credentials::HasAnyCapability() {

struct cap_hdr hdr = {};

hdr.version = _LINUX_CAPABILITY_VERSION_3;