| Index: chrome/nacl/nacl_broker_listener.cc
|
| ===================================================================
|
| --- chrome/nacl/nacl_broker_listener.cc (revision 188735)
|
| +++ chrome/nacl/nacl_broker_listener.cc (working copy)
|
| @@ -18,6 +18,7 @@
|
| #include "content/public/common/sandbox_init.h"
|
| #include "ipc/ipc_channel.h"
|
| #include "ipc/ipc_switches.h"
|
| +#include "sandbox/win/src/sandbox_policy.h"
|
|
|
| namespace {
|
|
|
| @@ -45,6 +46,20 @@
|
| MessageLoop::current()->Run();
|
| }
|
|
|
| +void NaClBrokerListener::PreSpawnTarget(sandbox::TargetPolicy* policy,
|
| + bool* success) {
|
| + // This code is duplicated in chrome_browser_main_win.cc.
|
| +
|
| + // Allow the server side of a pipe restricted to the "chrome.nacl."
|
| + // namespace so that it cannot impersonate other system or other chrome
|
| + // service pipes.
|
| + sandbox::ResultCode result = policy->AddRule(
|
| + sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
|
| + sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
|
| + L"\\\\.\\pipe\\chrome.nacl.*");
|
| + *success = (result == sandbox::SBOX_ALL_OK);
|
| +}
|
| +
|
| void NaClBrokerListener::OnChannelConnected(int32 peer_pid) {
|
| bool res = base::OpenProcessHandle(peer_pid, &browser_handle_);
|
| CHECK(res);
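Review bot: The named-pipe rule built by the AddRule call at the end of PreSpawnTarget is a sandbox-policy invariant maintained by hand in two places, and the comment above it only records that fact; the prefix `L"\\\\.\\pipe\\chrome.nacl.*"` should be a shared constant (or the rule a shared helper) that both this delegate and chrome_browser_main_win.cc use, so that editing one site cannot silently widen or break the other. Until that refactor, the comment should state the consequence rather than just the duplication, e.g. `// Keep in sync with chrome_browser_main_win.cc: both launch paths must grant exactly this rule and no broader named-pipe access.` A failed AddRule is reported only through `*success`; if base/logging.h is in scope, a `DLOG(ERROR) << "NaCl named-pipe sandbox rule failed: " << result;` before the assignment would make a policy misconfiguration diagnosable instead of an unexplained launch failure. Note also that the assignment overwrites whatever the caller placed in `*success`, which is fine only if the caller initializes it and stops on false; that caller is not visible here.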
|
| @@ -87,8 +102,7 @@
|
| cmd_line->AppendSwitchASCII(switches::kProcessChannelID,
|
| loader_channel_id);
|
|
|
| - loader_process =
|
| - content::StartProcessWithAccess(cmd_line, base::FilePath());
|
| + loader_process = content::StartSandboxedProcess(this, cmd_line);
|
| if (loader_process) {
|
| DuplicateHandle(::GetCurrentProcess(), loader_process,
|
| browser_handle_, &loader_handle_in_browser,
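Review bot: The new launch line `loader_process = content::StartSandboxedProcess(this, cmd_line);` does not say why `this` is passed, and the answer is security-relevant: this object's PreSpawnTarget, added earlier in the patch, is what installs the chrome.nacl.* named-pipe rule in the loader's policy. Add `// Launch through the sandbox with this listener as the delegate so PreSpawnTarget() adds the NaCl named-pipe rule to the loader's policy.` above the call. A failed launch, which now also covers a failed AddRule in PreSpawnTarget, leaves loader_process null; the `if (loader_process)` branch shown is the success path only, and the failure path, like the rest of the enclosing function, is outside the hunk, so confirm it reports the error to the browser rather than dropping it silently. Whether StartSandboxedProcess takes ownership of cmd_line the way the replaced StartProcessWithAccess call presumably did is also not visible here and should be checked for a leak or double delete.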
|
|
|