Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(415)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/src/broker_services.h

Issue 9834065: Revert 128016 - Make sandbox explicitly block opening broker and sandboxed processes (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/common/gpu/gpu_channel.cc ('k') | sandbox/src/broker_services.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_SRC_BROKER_SERVICES_H__ 5 #ifndef SANDBOX_SRC_BROKER_SERVICES_H__
6 #define SANDBOX_SRC_BROKER_SERVICES_H__ 6 #define SANDBOX_SRC_BROKER_SERVICES_H__
7 7
8 #include <list> 8 #include <list>
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "sandbox/src/crosscall_server.h" 10 #include "sandbox/src/crosscall_server.h"
11 #include "sandbox/src/job.h" 11 #include "sandbox/src/job.h"
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
67 // the worker thread. 67 // the worker thread.
68 HANDLE job_port_; 68 HANDLE job_port_;
69 69
70 // Handle to a manual-reset event that is signaled when the total target 70 // Handle to a manual-reset event that is signaled when the total target
71 // process count reaches zero. 71 // process count reaches zero.
72 HANDLE no_targets_; 72 HANDLE no_targets_;
73 73
74 // Handle to the worker thread that reacts to job notifications. 74 // Handle to the worker thread that reacts to job notifications.
75 HANDLE job_thread_; 75 HANDLE job_thread_;
76 76
77 // Copy of our security descriptor containing deny ACEs to block children.
78 PSECURITY_DESCRIPTOR security_descriptor_;
79
80 // Lock used to protect the list of targets from being modified by 2 77 // Lock used to protect the list of targets from being modified by 2
81 // threads at the same time. 78 // threads at the same time.
82 CRITICAL_SECTION lock_; 79 CRITICAL_SECTION lock_;
83 80
84 // provides a pool of threads that are used to wait on the IPC calls. 81 // provides a pool of threads that are used to wait on the IPC calls.
85 ThreadProvider* thread_pool_; 82 ThreadProvider* thread_pool_;
86 83
87 // List of the trackers for closing and cleanup purposes. 84 // List of the trackers for closing and cleanup purposes.
88 typedef std::list<JobTracker*> JobTrackerList; 85 typedef std::list<JobTracker*> JobTrackerList;
89 JobTrackerList tracker_list_; 86 JobTrackerList tracker_list_;
90 87
91 DISALLOW_COPY_AND_ASSIGN(BrokerServicesBase); 88 DISALLOW_COPY_AND_ASSIGN(BrokerServicesBase);
92 }; 89 };
93 90
94 } // namespace sandbox 91 } // namespace sandbox
95 92
96 93
97 #endif // SANDBOX_SRC_BROKER_SERVICES_H__ 94 #endif // SANDBOX_SRC_BROKER_SERVICES_H__
OLDNEW
« no previous file with comments | « content/common/gpu/gpu_channel.cc ('k') | sandbox/src/broker_services.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698