1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/sandbox_policy.h" | 5 #include "chrome/browser/sandbox_policy.h" |
6 | 6 |
7 #include "app/win_util.h" | 7 #include "app/win_util.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/debug_util.h" | 9 #include "base/debug_util.h" |
10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
336 base::ProcessHandle process = 0; | 336 base::ProcessHandle process = 0; |
337 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); | 337 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); |
338 ChildProcessInfo::ProcessType type; | 338 ChildProcessInfo::ProcessType type; |
339 std::wstring type_str = cmd_line->GetSwitchValue(switches::kProcessType); | 339 std::wstring type_str = cmd_line->GetSwitchValue(switches::kProcessType); |
340 if (type_str == switches::kRendererProcess) { | 340 if (type_str == switches::kRendererProcess) { |
341 type = ChildProcessInfo::RENDER_PROCESS; | 341 type = ChildProcessInfo::RENDER_PROCESS; |
342 } else if (type_str == switches::kPluginProcess) { | 342 } else if (type_str == switches::kPluginProcess) { |
343 type = ChildProcessInfo::PLUGIN_PROCESS; | 343 type = ChildProcessInfo::PLUGIN_PROCESS; |
344 } else if (type_str == switches::kWorkerProcess) { | 344 } else if (type_str == switches::kWorkerProcess) { |
345 type = ChildProcessInfo::WORKER_PROCESS; | 345 type = ChildProcessInfo::WORKER_PROCESS; |
| 346 } else if (type_str == switches::kNaClProcess) { |
| 347 type = ChildProcessInfo::NACL_PROCESS; |
346 } else if (type_str == switches::kUtilityProcess) { | 348 } else if (type_str == switches::kUtilityProcess) { |
347 type = ChildProcessInfo::UTILITY_PROCESS; | 349 type = ChildProcessInfo::UTILITY_PROCESS; |
348 } else { | 350 } else { |
349 NOTREACHED(); | 351 NOTREACHED(); |
350 return 0; | 352 return 0; |
351 } | 353 } |
352 | 354 |
353 bool in_sandbox = | 355 bool in_sandbox = |
354 !browser_command_line.HasSwitch(switches::kNoSandbox) && | 356 !browser_command_line.HasSwitch(switches::kNoSandbox) && |
355 (type != ChildProcessInfo::PLUGIN_PROCESS || | 357 (type != ChildProcessInfo::PLUGIN_PROCESS || |
356 browser_command_line.HasSwitch(switches::kSafePlugins)); | 358 browser_command_line.HasSwitch(switches::kSafePlugins)); |
357 #if !defined (GOOGLE_CHROME_BUILD) | 359 #if !defined (GOOGLE_CHROME_BUILD) |
358 if (browser_command_line.HasSwitch(switches::kInProcessPlugins)) { | 360 if (browser_command_line.HasSwitch(switches::kInProcessPlugins) || |
| 361 browser_command_line.HasSwitch(switches::kInternalNaCl)) { |
359 // In process plugins won't work if the sandbox is enabled. | 362 // In process plugins won't work if the sandbox is enabled. |
| 363 // The internal NaCl plugin doesn't work in the sandbox for now. |
360 in_sandbox = false; | 364 in_sandbox = false; |
361 } | 365 } |
362 #endif | 366 #endif |
363 | 367 |
364 bool child_needs_help = | 368 bool child_needs_help = |
365 DebugFlags::ProcessDebugFlags(cmd_line, type, in_sandbox); | 369 DebugFlags::ProcessDebugFlags(cmd_line, type, in_sandbox); |
366 | 370 |
367 if (!in_sandbox) { | 371 if (!in_sandbox) { |
368 base::LaunchApp(*cmd_line, false, false, &process); | 372 base::LaunchApp(*cmd_line, false, false, &process); |
369 return process; | 373 return process; |
370 } | 374 } |
371 | 375 |
372 // spawn the child process in the sandbox | 376 // spawn the child process in the sandbox |
373 sandbox::BrokerServices* broker_service = | 377 sandbox::BrokerServices* broker_service = |
374 g_browser_process->broker_services(); | 378 g_browser_process->broker_services(); |
375 | 379 |
376 sandbox::ResultCode result; | 380 sandbox::ResultCode result; |
377 PROCESS_INFORMATION target = {0}; | 381 PROCESS_INFORMATION target = {0}; |
378 sandbox::TargetPolicy* policy = broker_service->CreatePolicy(); | 382 sandbox::TargetPolicy* policy = broker_service->CreatePolicy(); |
379 | 383 |
380 bool on_sandbox_desktop = false; | 384 bool on_sandbox_desktop = false; |
| 385 // TODO(gregoryd): try locked-down policy for sel_ldr after we fix IMC. |
| 386 // TODO(gregoryd): do we need a new desktop for sel_ldr? |
381 if (type == ChildProcessInfo::PLUGIN_PROCESS) { | 387 if (type == ChildProcessInfo::PLUGIN_PROCESS) { |
382 if (!AddPolicyForPlugin(cmd_line, policy)) | 388 if (!AddPolicyForPlugin(cmd_line, policy)) |
383 return 0; | 389 return 0; |
384 } else { | 390 } else { |
385 AddPolicyForRenderer(policy, &on_sandbox_desktop); | 391 AddPolicyForRenderer(policy, &on_sandbox_desktop); |
386 } | 392 } |
387 | 393 |
388 if (!exposed_dir.empty()) { | 394 if (!exposed_dir.empty()) { |
389 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | 395 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
390 sandbox::TargetPolicy::FILES_ALLOW_ANY, | 396 sandbox::TargetPolicy::FILES_ALLOW_ANY, |
427 | 433 |
428 // Help the process a little. It can't start the debugger by itself if | 434 // Help the process a little. It can't start the debugger by itself if |
429 // the process is in a sandbox. | 435 // the process is in a sandbox. |
430 if (child_needs_help) | 436 if (child_needs_help) |
431 DebugUtil::SpawnDebuggerOnProcess(target.dwProcessId); | 437 DebugUtil::SpawnDebuggerOnProcess(target.dwProcessId); |
432 | 438 |
433 return process; | 439 return process; |
434 } | 440 } |
435 | 441 |
436 } // namespace sandbox | 442 } // namespace sandbox |
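Review bot: In the `!GOOGLE_CHROME_BUILD` block, the new `kInternalNaCl` test (new line 360) clears `in_sandbox` for every child type this function launches, not only the NaCl process, because it runs before the type-specific policy selection and does not consult `type`; the comment at 363 only mentions the NaCl plugin, so the breadth of the exemption is easy to miss. If the intent is only to exempt sel_ldr, gate it on the type, e.g. `browser_command_line.HasSwitch(switches::kInternalNaCl) && type == ChildProcessInfo::NACL_PROCESS`; if the renderer hosting the internal plugin also needs it, keep the code but make the comment say so: `// --internal-nacl currently runs every child process unsandboxed.` Relatedly, with `NACL_PROCESS` added, the `else` at new line 390 now applies `AddPolicyForRenderer` to NaCl implicitly (the TODO at 385 acknowledges it is not the intended final policy); an explicit `type == ChildProcessInfo::NACL_PROCESS` branch, even if it calls the same helper for now, keeps the per-type policy assignment visible and stops a future type from silently inheriting the renderer policy. The function's signature and the `exposed_dir` parameter are in the collapsed region above this view.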