Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(71)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 7054068: Make sandboxed Flash work under UIPI (Closed)

Created:
9 years, 6 months ago by jschuh
Modified:
9 years, 6 months ago
CC:
chromium-reviews, joi+watch-content_chromium.org, jam, darin-cc_chromium.org
Visibility:
Public.

Description

Make Flash work properly when started in low-integrity mode so that UIPI restrictions take effect. The change works by adding a new IPC from from plugin to browser, which tells the browser to reparent plugin windows when needed (since UIPI blacks parenting from the low-integrity plugin process). See UIPI for reference: http://en.wikipedia.org/wiki/User_Interface_Privilege_Isolation BUG=82870 Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=88081

Patch Set 1 : '' #

Patch Set 2 : '' #

Patch Set 3 : '' #

Total comments: 2

Patch Set 4 : '' #

Patch Set 5 : '' #

Patch Set 6 : '' #

Total comments: 3

Patch Set 7 : '' #

Unified diffs Side-by-side diffs Delta from patch set Stats (+77 lines, -5 lines) Patch
M chrome/common/chrome_content_client.cc View 1 chunk +1 line, -1 line 0 comments Download
M content/browser/plugin_process_host.h View 1 chunk +1 line, -0 lines 0 comments Download
M content/browser/plugin_process_host.cc View 1 2 3 4 5 6 3 chunks +19 lines, -0 lines 0 comments Download
M content/common/plugin_messages.h View 1 chunk +4 lines, -0 lines 0 comments Download
M content/plugin/webplugin_proxy.h View 1 chunk +1 line, -0 lines 0 comments Download
M content/plugin/webplugin_proxy.cc View 1 chunk +5 lines, -0 lines 0 comments Download
M webkit/plugins/npapi/plugin_constants_win.h View 1 chunk +1 line, -0 lines 0 comments Download
M webkit/plugins/npapi/plugin_constants_win.cc View 1 chunk +1 line, -0 lines 0 comments Download
M webkit/plugins/npapi/webplugin.h View 1 chunk +1 line, -0 lines 0 comments Download
M webkit/plugins/npapi/webplugin_delegate_impl.h View 1 2 3 4 5 6 2 chunks +2 lines, -0 lines 0 comments Download
M webkit/plugins/npapi/webplugin_delegate_impl_win.cc View 1 2 3 4 5 6 7 chunks +40 lines, -4 lines 0 comments Download
M webkit/plugins/npapi/webplugin_impl.h View 1 chunk +1 line, -0 lines 0 comments Download

Messages

Total messages: 7 (0 generated)
jschuh
This is the meat of the change (although I have an ugly layering violation in ...
9 years, 6 months ago (2011-06-06 16:35:43 UTC) #1
ananta
Adding jam for his comments. Looks great overall. http://codereview.chromium.org/7054068/diff/2022/webkit/plugins/npapi/webplugin_delegate_impl_win.cc File webkit/plugins/npapi/webplugin_delegate_impl_win.cc (right): http://codereview.chromium.org/7054068/diff/2022/webkit/plugins/npapi/webplugin_delegate_impl_win.cc#newcode362 webkit/plugins/npapi/webplugin_delegate_impl_win.cc:362: ::DestroyWindow(::GetParent(dummy_window_for_activation_)); ...
9 years, 6 months ago (2011-06-06 22:37:10 UTC) #2
jschuh
On 2011/06/06 22:37:10, ananta wrote: > Adding jam for his comments. > > Looks great ...
9 years, 6 months ago (2011-06-06 22:42:28 UTC) #3
ananta
LGTM http://codereview.chromium.org/7054068/diff/12002/webkit/plugins/npapi/webplugin_delegate_impl_win.cc File webkit/plugins/npapi/webplugin_delegate_impl_win.cc (right): http://codereview.chromium.org/7054068/diff/12002/webkit/plugins/npapi/webplugin_delegate_impl_win.cc#newcode502 webkit/plugins/npapi/webplugin_delegate_impl_win.cc:502: 0, Please add some comments here which explain ...
9 years, 6 months ago (2011-06-07 00:40:08 UTC) #4
jam
lgtm (with boolean replaced with quirk just for consistency with the rest of the file)
9 years, 6 months ago (2011-06-07 00:47:42 UTC) #5
cpu_(ooo_6.6-7.5)
lgtm after the two comments http://codereview.chromium.org/7054068/diff/12002/content/browser/plugin_process_host.cc File content/browser/plugin_process_host.cc (right): http://codereview.chromium.org/7054068/diff/12002/content/browser/plugin_process_host.cc#newcode73 content/browser/plugin_process_host.cc:73: If IsWindow() returns false ...
9 years, 6 months ago (2011-06-07 01:03:36 UTC) #6
jschuh
9 years, 6 months ago (2011-06-07 01:25:25 UTC) #7 
Okay, all issues fixed. Flagging for commit.

On 2011/06/07 01:03:36, cpu wrote:
> lgtm after the two comments
> 
>
http://codereview.chromium.org/7054068/diff/12002/content/browser/plugin_proc...
> File content/browser/plugin_process_host.cc (right):
> 
>
http://codereview.chromium.org/7054068/diff/12002/content/browser/plugin_proc...
> content/browser/plugin_process_host.cc:73: 
> If IsWindow() returns false you continue?
> 
>
http://codereview.chromium.org/7054068/diff/12002/webkit/plugins/npapi/webplu...
> File webkit/plugins/npapi/webplugin_delegate_impl_win.cc (right):
> 
>
http://codereview.chromium.org/7054068/diff/12002/webkit/plugins/npapi/webplu...
> webkit/plugins/npapi/webplugin_delegate_impl_win.cc:502: 0,
> what Ananta said.
> 
> On 2011/06/07 00:40:08, ananta wrote:
> > Please add some comments here which explain what we are trying to achieve
with
> > the SetParent magic.

Powered by Google App Engine
This is Rietveld 408576698