| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/zygote_host_linux.h" | 5 #include "chrome/browser/zygote_host_linux.h" |
| 6 | 6 |
| 7 #include <sys/socket.h> | 7 #include <sys/socket.h> |
| 8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
| 9 #include <sys/types.h> | 9 #include <sys/types.h> |
| 10 #include <unistd.h> | 10 #include <unistd.h> |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 96 cmd_line.AppendSwitchWithValue(switches::kEnableLogging, | 96 cmd_line.AppendSwitchWithValue(switches::kEnableLogging, |
| 97 browser_command_line.GetSwitchValueASCII( | 97 browser_command_line.GetSwitchValueASCII( |
| 98 switches::kEnableLogging)); | 98 switches::kEnableLogging)); |
| 99 } | 99 } |
| 100 if (browser_command_line.HasSwitch(switches::kUserDataDir)) { | 100 if (browser_command_line.HasSwitch(switches::kUserDataDir)) { |
| 101 // Append with value so logs go to the right file. | 101 // Append with value so logs go to the right file. |
| 102 cmd_line.AppendSwitchWithValue(switches::kUserDataDir, | 102 cmd_line.AppendSwitchWithValue(switches::kUserDataDir, |
| 103 browser_command_line.GetSwitchValueASCII( | 103 browser_command_line.GetSwitchValueASCII( |
| 104 switches::kUserDataDir)); | 104 switches::kUserDataDir)); |
| 105 } | 105 } |
| 106 if (browser_command_line.HasSwitch(switches::kEnableSeccompSandbox)) { | 106 #if defined(USE_SECCOMP_SANDBOX) |
| 107 if (browser_command_line.HasSwitch(switches::kDisableSeccompSandbox)) |
| 108 cmd_line.AppendSwitch(switches::kDisableSeccompSandbox); |
| 109 #else |
| 110 if (browser_command_line.HasSwitch(switches::kEnableSeccompSandbox)) |
| 107 cmd_line.AppendSwitch(switches::kEnableSeccompSandbox); | 111 cmd_line.AppendSwitch(switches::kEnableSeccompSandbox); |
| 108 } | 112 #endif |
| 109 | 113 |
| 110 sandbox_binary_ = sandbox_cmd.c_str(); | 114 sandbox_binary_ = sandbox_cmd.c_str(); |
| 111 struct stat st; | 115 struct stat st; |
| 112 | 116 |
| 113 if (!sandbox_cmd.empty() && stat(sandbox_binary_.c_str(), &st) == 0) { | 117 if (!sandbox_cmd.empty() && stat(sandbox_binary_.c_str(), &st) == 0) { |
| 114 if (access(sandbox_binary_.c_str(), X_OK) == 0 && | 118 if (access(sandbox_binary_.c_str(), X_OK) == 0 && |
| 115 (st.st_uid == 0) && | 119 (st.st_uid == 0) && |
| 116 (st.st_mode & S_ISUID) && | 120 (st.st_mode & S_ISUID) && |
| 117 (st.st_mode & S_IXOTH)) { | 121 (st.st_mode & S_IXOTH)) { |
| 118 using_suid_sandbox_ = true; | 122 using_suid_sandbox_ = true; |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 274 !read_pickle.ReadBool(&iter, &tmp_child_exited)) { | 278 !read_pickle.ReadBool(&iter, &tmp_child_exited)) { |
| 275 LOG(WARNING) << "Error parsing DidProcessCrash response from zygote."; | 279 LOG(WARNING) << "Error parsing DidProcessCrash response from zygote."; |
| 276 return false; | 280 return false; |
| 277 } | 281 } |
| 278 | 282 |
| 279 if (child_exited) | 283 if (child_exited) |
| 280 *child_exited = tmp_child_exited; | 284 *child_exited = tmp_child_exited; |
| 281 | 285 |
| 282 return did_crash; | 286 return did_crash; |
| 283 } | 287 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1558003:
linux: enable seccomp sandbox by default (Closed)
