| Index: content/browser/renderer_host/render_process_host_impl.cc
|
| ===================================================================
|
| --- content/browser/renderer_host/render_process_host_impl.cc (revision 189099)
|
| +++ content/browser/renderer_host/render_process_host_impl.cc (working copy)
|
| @@ -129,6 +129,8 @@
|
| #if defined(OS_WIN)
|
| #include "base/win/scoped_com_initializer.h"
|
| #include "content/common/font_cache_dispatcher_win.h"
|
| +#include "content/common/sandbox_win.h"
|
| +#include "content/public/common/sandboxed_process_launcher_delegate.h"
|
| #endif
|
|
|
| #include "third_party/skia/include/core/SkBitmap.h"
|
| @@ -284,6 +286,22 @@
|
| return map;
|
| }
|
|
|
| +#if defined(OS_WIN)
|
| +// NOTE: changes to this class need to be reviewed by the security team.
|
| +class RendererSandboxedProcessLauncherDelegate
|
| + : public content::SandboxedProcessLauncherDelegate {
|
| + public:
|
| + RendererSandboxedProcessLauncherDelegate() {}
|
| + virtual ~RendererSandboxedProcessLauncherDelegate() {}
|
| +
|
| + virtual void PreSpawnTarget(sandbox::TargetPolicy* policy,
|
| + bool* success) {
|
| + AddBaseHandleClosePolicy(policy);
|
| + GetContentClient()->browser()->PreSpawnRenderer(policy, success);
|
| + }
|
| +};
|
| +#endif // OS_WIN
|
| +
|
| } // namespace
|
|
|
| // Stores the maximum number of renderer processes the content module can
|
| @@ -488,7 +506,7 @@
|
| // at this stage.
|
| child_process_launcher_.reset(new ChildProcessLauncher(
|
| #if defined(OS_WIN)
|
| - base::FilePath(),
|
| + new RendererSandboxedProcessLauncherDelegate,
|
| #elif defined(OS_POSIX)
|
| renderer_prefix.empty(),
|
| base::EnvironmentVector(),
|
|
|
Chromium Code Reviews
Issue 12805004:
Remove mention of the nacl process in content. (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/