Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1868)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/public/common/sandbox_init.h

Issue 8589001: Load mac sandbox definitions from resources instead of the bundle. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: updates Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/public/common/content_client.h ('k') | content/public/common/sandbox_type_mac.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/public/common/sandbox_init.h
diff --git a/content/public/common/sandbox_init.h b/content/public/common/sandbox_init.h
index 3415e0d4abb8e2e9ba33986add4141e7dc1f07e9..88c6d83991315dd44a11a0fbde722557978f068e 100644
--- a/content/public/common/sandbox_init.h
+++ b/content/public/common/sandbox_init.h
@@ -13,10 +13,13 @@
namespace sandbox {
struct SandboxInterfaceInfo;
}
+#elif defined(OS_MACOSX)
+class FilePath;
#endif
namespace content {
+#if defined(OS_WIN)
// Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in
// processes, depending on the command line flags. Although The browser process
// is not sandboxed, this also needs to be called because it will initialize
@@ -24,11 +27,25 @@ namespace content {
// Returns true if the sandbox was initialized succesfully, false if an error
// occurred. If process_type isn't one that needs sandboxing true is always
// returned.
-#if defined(OS_WIN)
CONTENT_EXPORT bool InitializeSandbox(
sandbox::SandboxInterfaceInfo* sandbox_info);
#elif defined(OS_MACOSX)
-CONTENT_EXPORT bool InitializeSandbox();
+// Initialize the sandbox of the given |sandbox_type|, optionally specifying a
+// directory to allow access to. Note specifying a directory needs to be
+// supported by the sandbox profile associated with the given |sandbox_type|.
+// Valid values for |sandbox_type| are defined either by the enum SandboxType,
+// or by ContentClient::GetSandboxProfileForSandboxType().
+//
+// If the |sandbox_type| isn't one of the ones defined by content then the
+// embedder is queried using ContentClient::GetSandboxPolicyForSandboxType().
+// The embedder can use values for |sandbox_type| starting from
+// content::sandbox::SANDBOX_PROCESS_TYPE_AFTER_LAST_TYPE.
+//
+// Returns true if the sandbox was initialized succesfully, false if an error
+// occurred. If process_type isn't one that needs sandboxing, no action is
+// taken and true is always returned.
+CONTENT_EXPORT bool InitializeSandbox(int sandbox_type,
+ const FilePath& allowed_path);
#endif
} // namespace content
« no previous file with comments | « content/public/common/content_client.h ('k') | content/public/common/sandbox_type_mac.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698