| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/sandbox_init_wrapper.h" | 5 #include "chrome/common/sandbox_init_wrapper.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "chrome/common/chrome_switches.h" | 10 #include "chrome/common/chrome_switches.h" |
| 11 #include "chrome/common/sandbox_mac.h" | 11 #include "chrome/common/sandbox_mac.h" |
| 12 | 12 |
| 13 bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, | 13 bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, |
| 14 const std::string& process_type) { | 14 const std::string& process_type) { |
| 15 using sandbox::Sandbox; | 15 using sandbox::Sandbox; |
| 16 | 16 |
| 17 if (command_line.HasSwitch(switches::kNoSandbox)) | 17 if (command_line.HasSwitch(switches::kNoSandbox)) |
| 18 return true; | 18 return true; |
| 19 | 19 |
| 20 Sandbox::SandboxProcessType sandbox_process_type; | 20 Sandbox::SandboxProcessType sandbox_process_type; |
| 21 FilePath allowed_dir; // Empty by default. | 21 FilePath allowed_dir; // Empty by default. |
| 22 | 22 |
| 23 if (process_type.empty()) { | 23 if (process_type.empty()) { |
| 24 // Browser process isn't sandboxed. | 24 // Browser process isn't sandboxed. |
| 25 return true; | 25 return true; |
| 26 } else if (process_type == switches::kRendererProcess) { | 26 } else if (process_type == switches::kRendererProcess) { |
| 27 if (!command_line.HasSwitch(switches::kDisableExperimentalWebGL) && | 27 if (!command_line.HasSwitch(switches::kDisable3DAPIs) && |
| 28 !command_line.HasSwitch(switches::kDisableExperimentalWebGL) && |
| 28 command_line.HasSwitch(switches::kInProcessWebGL)) { | 29 command_line.HasSwitch(switches::kInProcessWebGL)) { |
| 29 // TODO(kbr): this check seems to be necessary only on this | 30 // TODO(kbr): this check seems to be necessary only on this |
| 30 // platform because the sandbox is initialized later. Remove | 31 // platform because the sandbox is initialized later. Remove |
| 31 // this once this flag is removed. | 32 // this once this flag is removed. |
| 32 return true; | 33 return true; |
| 33 } else { | 34 } else { |
| 34 sandbox_process_type = Sandbox::SANDBOX_TYPE_RENDERER; | 35 sandbox_process_type = Sandbox::SANDBOX_TYPE_RENDERER; |
| 35 } | 36 } |
| 36 } else if (process_type == switches::kExtensionProcess) { | 37 } else if (process_type == switches::kExtensionProcess) { |
| 37 // Extension processes are just renderers [they use RenderMain()] with a | 38 // Extension processes are just renderers [they use RenderMain()] with a |
| (...skipping 27 matching lines...) Expand all Loading... |
| 65 NOTREACHED(); | 66 NOTREACHED(); |
| 66 return true; | 67 return true; |
| 67 } | 68 } |
| 68 | 69 |
| 69 // Warm up APIs before turning on the sandbox. | 70 // Warm up APIs before turning on the sandbox. |
| 70 Sandbox::SandboxWarmup(sandbox_process_type); | 71 Sandbox::SandboxWarmup(sandbox_process_type); |
| 71 | 72 |
| 72 // Actually sandbox the process. | 73 // Actually sandbox the process. |
| 73 return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir); | 74 return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir); |
| 74 } | 75 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6045003:
(Re-landing http://codereview.chromium.org/5991003) (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/