Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(146)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: build/common.gypi

Issue 181030: Clean out leftover bits of the path-based Linux SUID sandbox.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 11 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | sandbox/linux/suid/sandbox.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Copyright (c) 2009 The Chromium Authors. All rights reserved. 1 # Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be 2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file. 3 # found in the LICENSE file.
4 4
5 { 5 {
6 'variables': { 6 'variables': {
7 # .gyp files should set chromium_code to 1 if they build Chromium-specific 7 # .gyp files should set chromium_code to 1 if they build Chromium-specific
8 # code, as opposed to external code. This variable is used to control 8 # code, as opposed to external code. This variable is used to control
9 # such things as the set of warnings to enable, and whether warnings are 9 # such things as the set of warnings to enable, and whether warnings are
10 # treated as errors. 10 # treated as errors.
(...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after
91 # The architecture that we're building on. 91 # The architecture that we're building on.
92 'target_arch%': 'ia32', 92 'target_arch%': 'ia32',
93 93
94 # By default linux does not use views. To turn on views in Linux 94 # By default linux does not use views. To turn on views in Linux
95 # set the variable GYP_DEFINES to "toolkit_views=1", or modify 95 # set the variable GYP_DEFINES to "toolkit_views=1", or modify
96 # ~/.gyp/include.gypi . 96 # ~/.gyp/include.gypi .
97 'toolkit_views%': 0, 97 'toolkit_views%': 0,
98 98
99 'chromeos%': 0, 99 'chromeos%': 0,
100 100
101 # Set the restrictions on the SUID sandbox binary.
102 # Path: only exec the hard coded chrome binary path
103 # User: only exec binaries owned by the running user.
104 #
105 # Developers should read
106 # http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment
107 'linux_suid_sandbox_restrictions%': 'Path',
108
109 # This is the location of the sandbox binary. Chrome looks for this before 101 # This is the location of the sandbox binary. Chrome looks for this before
110 # running the zygote process. If found, and SUID, it will be used to 102 # running the zygote process. If found, and SUID, it will be used to
111 # sandbox the zygote process and, thus, all renderer processes. 103 # sandbox the zygote process and, thus, all renderer processes.
112 'linux_sandbox_path%': '', 104 'linux_sandbox_path%': '',
113 105
114 # If |linux_suid_sandbox_restrictions|, above, is 'Path' then only a single
115 # path is allowed to be exec'ed by the sandbox for security reasons. That
116 # path is set here. It should be the final location of the Chromium binary
117 # on the system.
118 'linux_sandbox_chrome_path%': '/opt/google/chrome/chrome',
119
120 'conditions': [ 106 'conditions': [
121 ['OS=="linux"', { 107 ['OS=="linux"', {
122 'conditions': [ 108 'conditions': [
123 ['branding=="Chrome" or linux_chromium_breakpad==1', { 109 ['branding=="Chrome" or linux_chromium_breakpad==1', {
124 'linux_breakpad%': 1, 110 'linux_breakpad%': 1,
125 }, { 111 }, {
126 'linux_breakpad%': 0, 112 'linux_breakpad%': 0,
127 }], 113 }],
128 ], 114 ],
129 }], # OS=="linux" 115 }], # OS=="linux"
(...skipping 641 matching lines...) Expand 10 before | Expand all | Expand 10 after
771 # settings in target dicts. SYMROOT is a special case, because many other 757 # settings in target dicts. SYMROOT is a special case, because many other
772 # Xcode variables depend on it, including variables such as 758 # Xcode variables depend on it, including variables such as
773 # PROJECT_DERIVED_FILE_DIR. When a source group corresponding to something 759 # PROJECT_DERIVED_FILE_DIR. When a source group corresponding to something
774 # like PROJECT_DERIVED_FILE_DIR is added to a project, in order for the 760 # like PROJECT_DERIVED_FILE_DIR is added to a project, in order for the
775 # files to appear (when present) in the UI as actual files and not red 761 # files to appear (when present) in the UI as actual files and not red
776 # red "missing file" proxies, the correct path to PROJECT_DERIVED_FILE_DIR, 762 # red "missing file" proxies, the correct path to PROJECT_DERIVED_FILE_DIR,
777 # and therefore SYMROOT, needs to be set at the project level. 763 # and therefore SYMROOT, needs to be set at the project level.
778 'SYMROOT': '<(DEPTH)/xcodebuild', 764 'SYMROOT': '<(DEPTH)/xcodebuild',
779 }, 765 },
780 } 766 }
OLDNEW
« no previous file with comments | « no previous file | sandbox/linux/suid/sandbox.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698