Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(259)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/sandbox_mac.h

Issue 8589001: Load mac sandbox definitions from resources instead of the bundle. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: updates Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/common/sandbox_init_mac.cc ('K') | « content/common/sandbox_init_mac.cc ('k') | content/common/sandbox_mac.mm » ('j') | content/common/sandbox_mac.mm » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_mac.h
diff --git a/content/common/sandbox_mac.h b/content/common/sandbox_mac.h
index 358c098a996e86d171bfd38d8fe5dccfd40e1e5b..7a1a72a6f22eb768d7ae64664cfb1b76d16283b4 100644
--- a/content/common/sandbox_mac.h
+++ b/content/common/sandbox_mac.h
@@ -11,6 +11,7 @@
#include "base/basictypes.h"
#include "base/hash_tables.h"
#include "base/gtest_prod_util.h"
+#include "content/public/common/sandbox_type_mac.h"
class FilePath;
@@ -57,36 +58,12 @@ class Sandbox {
typedef base::hash_map<std::string, SandboxSubstring>
SandboxVariableSubstitions;
- enum SandboxProcessType {
- SANDBOX_TYPE_FIRST_TYPE, // Placeholder to ease iteration.
-
- SANDBOX_TYPE_RENDERER = SANDBOX_TYPE_FIRST_TYPE,
-
- // The worker process uses the most restrictive sandbox which has almost
- // *everything* locked down. Only a couple of /System/Library/ paths and
- // some other very basic operations (e.g., reading metadata to allow
- // following symlinks) are permitted.
- SANDBOX_TYPE_WORKER,
-
- // Utility process is as restrictive as the worker process except full
- // access is allowed to one configurable directory.
- SANDBOX_TYPE_UTILITY,
-
- // Native Client sandbox for the user's untrusted code.
- SANDBOX_TYPE_NACL_LOADER,
-
- // GPU process.
- SANDBOX_TYPE_GPU,
-
- // The PPAPI plugin process.
- SANDBOX_TYPE_PPAPI,
-
- SANDBOX_AFTER_TYPE_LAST_TYPE, // Placeholder to ease iteration.
- };
-
- // Warm up System APIs that empirically need to be accessed before the Sandbox
- // is turned on. |sandbox_type| is the type of sandbox to warm up.
- static void SandboxWarmup(SandboxProcessType sandbox_type);
+ // Warm up System APIs that empirically need to be accessed before the
+ // Sandbox is turned on. |sandbox_type| is the type of sandbox to warm up.
jeremy 2011/11/24 16:42:04 nit: sandbox with a small 's'.
jochen (gone - plz use gerrit) 2011/11/24 20:08:35 Done.
+ // Valid |sandbox_type| values are defined by the enum SandboxType, or can be
+ // defined by the embedder via
+ // ContentClient::GetSandboxProfileForProcessType().
+ static void SandboxWarmup(int sandbox_type);
// Turns on the OS X sandbox for this process.
// |sandbox_type| - type of Sandbox to use.
jeremy 2011/11/24 16:42:04 - see SandboxWarmup() above for legal values.
jochen (gone - plz use gerrit) 2011/11/24 20:08:35 Done.
@@ -94,7 +71,7 @@ class Sandbox {
// profile that supports this is SANDBOX_TYPE_UTILITY .
//
// Returns true on success, false if an error occurred enabling the sandbox.
- static bool EnableSandbox(SandboxProcessType sandbox_type,
+ static bool EnableSandbox(int sandbox_type,
const FilePath& allowed_dir);
« content/common/sandbox_init_mac.cc ('K') | « content/common/sandbox_init_mac.cc ('k') | content/common/sandbox_mac.mm » ('j') | content/common/sandbox_mac.mm » ('J')

Powered by Google App Engine
This is Rietveld 408576698