OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
7 #pragma once | 7 #pragma once |
8 | 8 |
9 #include "build/build_config.h" | 9 #include "build/build_config.h" |
10 #include "content/common/content_export.h" | 10 #include "content/common/content_export.h" |
11 | 11 |
12 #if defined(OS_WIN) | 12 #if defined(OS_WIN) |
13 namespace sandbox { | 13 namespace sandbox { |
14 struct SandboxInterfaceInfo; | 14 struct SandboxInterfaceInfo; |
15 } | 15 } |
16 #elif defined(OS_MACOSX) | |
17 class FilePath; | |
16 #endif | 18 #endif |
17 | 19 |
18 namespace content { | 20 namespace content { |
19 | 21 |
22 #if defined(OS_WIN) | |
20 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in | 23 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in |
21 // processes, depending on the command line flags. Although The browser process | 24 // processes, depending on the command line flags. Although The browser process |
22 // is not sandboxed, this also needs to be called because it will initialize | 25 // is not sandboxed, this also needs to be called because it will initialize |
23 // the broker code. | 26 // the broker code. |
24 // Returns true if the sandbox was initialized succesfully, false if an error | 27 // Returns true if the sandbox was initialized succesfully, false if an error |
25 // occurred. If process_type isn't one that needs sandboxing true is always | 28 // occurred. If process_type isn't one that needs sandboxing true is always |
26 // returned. | 29 // returned. |
27 #if defined(OS_WIN) | |
28 CONTENT_EXPORT bool InitializeSandbox( | 30 CONTENT_EXPORT bool InitializeSandbox( |
29 sandbox::SandboxInterfaceInfo* sandbox_info); | 31 sandbox::SandboxInterfaceInfo* sandbox_info); |
30 #elif defined(OS_MACOSX) | 32 #elif defined(OS_MACOSX) |
31 CONTENT_EXPORT bool InitializeSandbox(); | 33 // Initialize the sandbox of the given |sandbox_type|, optionally specifying a |
34 // directory to allow access to. This needs to be supported by the sandbox | |
35 // policy associated with the given |sandbox_type|. | |
36 // | |
37 // The sandbox policy to use for this |sandbox_type| is queried using | |
38 // ContentClient::GetSandboxPolicyForSandboxType(). The embedder can use values | |
39 // for |sandbox_type| starting from | |
40 // content::sandbox::SANDBOX_AFTER_TYPE_LAST_TYPE. | |
jeremy
2011/11/23 07:02:17
We need the unit tests to run on all sandbox types
jochen (gone - plz use gerrit)
2011/11/23 10:57:28
The embedder will have to test their own definitio
| |
41 // | |
42 // Returns true if the sandbox was initialized succesfully, false if an error | |
43 // occurred. If process_type isn't one that needs sandboxing true is always | |
44 // returned. | |
45 CONTENT_EXPORT bool InitializeSandbox(int sandbox_type, | |
46 const FilePath& allowed_path); | |
32 #endif | 47 #endif |
33 | 48 |
34 } // namespace content | 49 } // namespace content |
35 | 50 |
36 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 51 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
OLD | NEW |