Chromium Code Reviews

Issue 669056: Support running NaCl in Chromium's Linux SUID sandbox (Closed)

Created: 10 years, 9 months ago by Mark Seaborn
Modified: 9 years, 5 months ago
CC: native-client-reviews_googlegroups.com
Visibility: Public.

Description

Support running the NaCl plugin in Chromium's Linux SUID sandbox

* Use pre-opened FD for /dev/urandom.
* Use IPC for creating shared memory segments.
* Use Chromium-supplied functions for both of these.

BUG=http://code.google.com/p/chromium/issues/detail?id=36676
TEST=nacl_ui_tests with sandbox enabled

Committed: http://code.google.com/p/nativeclient/source/detail?r=1643

Patch Set 1 #

Total comments: 1
Stats (+22 lines, -0 lines)
M src/shared/imc/nacl_imc_unistd.cc: 2 chunks, +7 lines, -0 lines, 1 comment
M src/shared/platform/linux/nacl_secure_random.c: 2 chunks, +15 lines, -0 lines, 0 comments

Messages

Total messages: 4 (0 generated)
Mark Seaborn
The corresponding Chromium change (which this depends on) is http://codereview.chromium.org/669055
10 years, 9 months ago (2010-03-04 10:56:30 UTC) #1
Mark Schneckloth
LGTM
10 years, 9 months ago (2010-03-04 17:31:56 UTC) #2
gregoryd
http://codereview.chromium.org/669056/diff/1/2 File src/shared/imc/nacl_imc_unistd.cc (right): http://codereview.chromium.org/669056/diff/1/2#newcode94 src/shared/imc/nacl_imc_unistd.cc:94: return MakeSharedMemorySegmentViaIPC(length); Do we know that shm_open will fail ...
10 years, 9 months ago (2010-03-04 17:37:45 UTC) #3
Mark Seaborn
10 years, 9 months ago (2010-03-04 21:25:25 UTC) #4
On 2010/03/04 17:37:45, gregoryd wrote:
> http://codereview.chromium.org/669056/diff/1/2
> File src/shared/imc/nacl_imc_unistd.cc (right):
> 
> http://codereview.chromium.org/669056/diff/1/2#newcode94
> src/shared/imc/nacl_imc_unistd.cc:94: return
> MakeSharedMemorySegmentViaIPC(length);
> Do we know that shm_open will fail in the sandbox? If so, why do we try and not
> call MakeSharedMemorySegmentViaIPC?

I should add a comment to clarify this... Trying both is a temporary measure. 
This code will run in the context of both the renderer and (Chromium's
compiled-in) sel_ldr.  Initially, sel_ldr won't be sandboxed (until I submit the
change that sandboxes it) and won't have the appropriate socket FD to the
browser process set up, so we need to try both means.

Mark
