| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_policy.h" | 5 #include "content/common/sandbox_policy.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/debugger.h" | 10 #include "base/debug/debugger.h" |
| (...skipping 378 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 389 cmd_line->AppendArg(base::StringPrintf("/prefetch:%d", type)); | 389 cmd_line->AppendArg(base::StringPrintf("/prefetch:%d", type)); |
| 390 | 390 |
| 391 sandbox::ResultCode result; | 391 sandbox::ResultCode result; |
| 392 PROCESS_INFORMATION target = {0}; | 392 PROCESS_INFORMATION target = {0}; |
| 393 sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); | 393 sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); |
| 394 | 394 |
| 395 if (type == ChildProcessInfo::PLUGIN_PROCESS && | 395 if (type == ChildProcessInfo::PLUGIN_PROCESS && |
| 396 !browser_command_line.HasSwitch(switches::kNoSandbox) && | 396 !browser_command_line.HasSwitch(switches::kNoSandbox) && |
| 397 content::GetContentClient()->SandboxPlugin(cmd_line, policy)) { | 397 content::GetContentClient()->SandboxPlugin(cmd_line, policy)) { |
| 398 in_sandbox = true; | 398 in_sandbox = true; |
| 399 AddDllEvictionPolicy(policy); | |
| 400 } | 399 } |
| 401 | 400 |
| 402 if (!in_sandbox) { | 401 if (!in_sandbox) { |
| 403 policy->Release(); | 402 policy->Release(); |
| 404 base::LaunchApp(*cmd_line, false, false, &process); | 403 base::LaunchApp(*cmd_line, false, false, &process); |
| 405 return process; | 404 return process; |
| 406 } | 405 } |
| 407 | 406 |
| 408 if (type == ChildProcessInfo::GPU_PROCESS) { | 407 if (type == ChildProcessInfo::PLUGIN_PROCESS) { |
| 408 AddDllEvictionPolicy(policy); |
| 409 } else if (type == ChildProcessInfo::GPU_PROCESS) { |
| 409 if (!AddPolicyForGPU(cmd_line, policy)) | 410 if (!AddPolicyForGPU(cmd_line, policy)) |
| 410 return 0; | 411 return 0; |
| 411 } else if (type == ChildProcessInfo::PPAPI_PLUGIN_PROCESS) { | 412 } else if (type == ChildProcessInfo::PPAPI_PLUGIN_PROCESS) { |
| 412 if (!AddPolicyForPepperPlugin(policy)) | 413 if (!AddPolicyForPepperPlugin(policy)) |
| 413 return 0; | 414 return 0; |
| 414 } else { | 415 } else { |
| 415 AddPolicyForRenderer(policy); | 416 AddPolicyForRenderer(policy); |
| 416 | 417 |
| 417 if (type_str != switches::kRendererProcess) { | 418 if (type_str != switches::kRendererProcess) { |
| 418 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into | 419 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 461 | 462 |
| 462 // Help the process a little. It can't start the debugger by itself if | 463 // Help the process a little. It can't start the debugger by itself if |
| 463 // the process is in a sandbox. | 464 // the process is in a sandbox. |
| 464 if (child_needs_help) | 465 if (child_needs_help) |
| 465 base::debug::SpawnDebuggerOnProcess(target.dwProcessId); | 466 base::debug::SpawnDebuggerOnProcess(target.dwProcessId); |
| 466 | 467 |
| 467 return process; | 468 return process; |
| 468 } | 469 } |
| 469 | 470 |
| 470 } // namespace sandbox | 471 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7104005:
Fix Flash sandbox regression from r87093. (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/