
Side by Side Diff: mojo/runner/child_process.cc

Issue 1274743004: Sandbox html_viewer on Linux. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Style stuff. Created 5 years, 4 months ago
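--- a/mojo/runner/child_process.cc
+++ b/mojo/runner/child_process.cc
@@ -1,10 +1,10 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "mojo/runner/child_process.h"
 
 #include "base/base_switches.h"
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/command_line.h"
@@ -303,21 +303,27 @@
 base::SysInfo::NumberOfProcessors();
 
 // Do whatever warming that the mojo application wants.
 typedef void (*SandboxWarmFunction)();
 SandboxWarmFunction sandbox_warm = reinterpret_cast<SandboxWarmFunction>(
 base::GetFunctionPointerFromNativeLibrary(app_library,
 "MojoSandboxWarm"));
 if (sandbox_warm)
 sandbox_warm();
 
+// TODO(erg,jln): Allowing access to all of /dev/shm/ makes it easy to
+// spy on other shared memory using processes. This is a temporary hack
+// so that we have some sandbox until we have proper shared memory
+// support integrated into mojo.
 std::vector<BrokerFilePermission> permissions;
+permissions.push_back(
+BrokerFilePermission::ReadWriteCreateUnlinkRecursive("/dev/shm/"));
 sandbox.reset(new mandoline::LinuxSandbox(permissions));
 sandbox->Warmup();
 sandbox->EngageNamespaceSandbox();
 sandbox->EngageSeccompSandbox();
 sandbox->Seal();
 }
 #endif
 }
 
 embedder::ScopedPlatformHandle platform_channel =
@@ -339,10 +345,10 @@
 // This will block, then run whatever the controller wants.
 blocker.Block();
 
 app_context.Shutdown();
 
 return 0;
 }
 
 } // namespace runner
 } // namespace mojo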
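Review bot: The TODO above the `/dev/shm/` permission (new lines 313-319) names only the read side ("spy on other shared memory"), but `ReadWriteCreateUnlinkRecursive` also grants create, write and unlink through the broker, so a compromised app could presumably tamper with or delete other processes' segments, not just read them. I would state that in the comment and tie the temporary hack to a tracking bug so it cannot silently outlive its purpose, e.g. `// TODO(erg,jln): crbug.com/<BUG_ID> - sandboxed apps can read, modify and unlink anything under /dev/shm/; narrow once mojo has shared memory support.` The enclosing function starts and ends outside the visible lines, so whether anything else constrains this permission list cannot be judged from here.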