| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/utility_process_host_impl.h" | 5 #include "content/browser/utility_process_host_impl.h" |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/bind_helpers.h" | 9 #include "base/bind_helpers.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/files/file_path.h" |
| 11 #include "base/lazy_instance.h" | 12 #include "base/lazy_instance.h" |
| 12 #include "base/message_loop/message_loop.h" | 13 #include "base/message_loop/message_loop.h" |
| 13 #include "base/process/process_handle.h" | 14 #include "base/process/process_handle.h" |
| 14 #include "base/run_loop.h" | 15 #include "base/run_loop.h" |
| 15 #include "base/sequenced_task_runner.h" | 16 #include "base/sequenced_task_runner.h" |
| 16 #include "base/strings/utf_string_conversions.h" | 17 #include "base/strings/utf_string_conversions.h" |
| 17 #include "base/synchronization/lock.h" | 18 #include "base/synchronization/lock.h" |
| 18 #include "base/synchronization/waitable_event.h" | 19 #include "base/synchronization/waitable_event.h" |
| 19 #include "content/browser/browser_child_process_host_impl.h" | 20 #include "content/browser/browser_child_process_host_impl.h" |
| 20 #include "content/browser/mojo/mojo_application_host.h" | 21 #include "content/browser/mojo/mojo_application_host.h" |
| 21 #include "content/browser/renderer_host/render_process_host_impl.h" | 22 #include "content/browser/renderer_host/render_process_host_impl.h" |
| 22 #include "content/common/child_process_host_impl.h" | 23 #include "content/common/child_process_host_impl.h" |
| 23 #include "content/common/in_process_child_thread_params.h" | 24 #include "content/common/in_process_child_thread_params.h" |
| 24 #include "content/common/utility_messages.h" | 25 #include "content/common/utility_messages.h" |
| 25 #include "content/public/browser/browser_thread.h" | 26 #include "content/public/browser/browser_thread.h" |
| 26 #include "content/public/browser/content_browser_client.h" | 27 #include "content/public/browser/content_browser_client.h" |
| 27 #include "content/public/browser/utility_process_host_client.h" | 28 #include "content/public/browser/utility_process_host_client.h" |
| 28 #include "content/public/common/content_switches.h" | 29 #include "content/public/common/content_switches.h" |
| 29 #include "content/public/common/process_type.h" | 30 #include "content/public/common/process_type.h" |
| 30 #include "content/public/common/sandbox_type.h" | 31 #include "content/public/common/sandbox_type.h" |
| 31 #include "content/public/common/sandboxed_process_launcher_delegate.h" | 32 #include "content/public/common/sandboxed_process_launcher_delegate.h" |
| 32 #include "ipc/ipc_switches.h" | 33 #include "ipc/ipc_switches.h" |
| 33 #include "ui/base/ui_base_switches.h" | 34 #include "ui/base/ui_base_switches.h" |
| 34 | 35 |
| 36 #if defined(OS_WIN) |
| 37 #include "sandbox/win/src/sandbox_policy.h" |
| 38 #include "sandbox/win/src/sandbox_types.h" |
| 39 #endif |
| 40 |
| 35 namespace content { | 41 namespace content { |
| 36 | 42 |
| 37 // NOTE: changes to this class need to be reviewed by the security team. | 43 // NOTE: changes to this class need to be reviewed by the security team. |
| 38 class UtilitySandboxedProcessLauncherDelegate | 44 class UtilitySandboxedProcessLauncherDelegate |
| 39 : public SandboxedProcessLauncherDelegate { | 45 : public SandboxedProcessLauncherDelegate { |
| 40 public: | 46 public: |
| 41 UtilitySandboxedProcessLauncherDelegate(const base::FilePath& exposed_dir, | 47 UtilitySandboxedProcessLauncherDelegate(const base::FilePath& exposed_dir, |
| 42 bool launch_elevated, | 48 bool launch_elevated, |
| 43 bool no_sandbox, | 49 bool no_sandbox, |
| 44 const base::EnvironmentMap& env, | 50 const base::EnvironmentMap& env, |
| 45 ChildProcessHost* host) | 51 ChildProcessHost* host) |
| 46 : exposed_dir_(exposed_dir), | 52 : exposed_dir_(exposed_dir), |
| 47 #if defined(OS_WIN) | 53 #if defined(OS_WIN) |
| 48 launch_elevated_(launch_elevated) | 54 launch_elevated_(launch_elevated) |
| 49 #elif defined(OS_POSIX) | 55 #elif defined(OS_POSIX) |
| 50 env_(env), | 56 env_(env), |
| 51 no_sandbox_(no_sandbox), | 57 no_sandbox_(no_sandbox), |
| 52 ipc_fd_(host->TakeClientFileDescriptor()) | 58 ipc_fd_(host->TakeClientFileDescriptor()) |
| 53 #endif // OS_WIN | 59 #endif // OS_WIN |
| 54 {} | 60 {} |
| 55 | 61 |
| 56 ~UtilitySandboxedProcessLauncherDelegate() override {} | 62 ~UtilitySandboxedProcessLauncherDelegate() override {} |
| 57 | 63 |
| 58 #if defined(OS_WIN) | 64 #if defined(OS_WIN) |
| 59 bool ShouldLaunchElevated() override { return launch_elevated_; } | 65 bool ShouldLaunchElevated() override { return launch_elevated_; } |
| 60 void PreSandbox(bool* disable_default_policy, | 66 |
| 61 base::FilePath* exposed_dir) override { | 67 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { |
| 62 *exposed_dir = exposed_dir_; | 68 if (exposed_dir_.empty()) |
| 69 return true; |
| 70 |
| 71 sandbox::ResultCode result; |
| 72 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
| 73 sandbox::TargetPolicy::FILES_ALLOW_ANY, |
| 74 exposed_dir_.value().c_str()); |
| 75 if (result != sandbox::SBOX_ALL_OK) |
| 76 return false; |
| 77 |
| 78 base::FilePath exposed_files = exposed_dir_.AppendASCII("*"); |
| 79 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
| 80 sandbox::TargetPolicy::FILES_ALLOW_ANY, |
| 81 exposed_files.value().c_str()); |
| 82 return result == sandbox::SBOX_ALL_OK; |
| 63 } | 83 } |
| 84 |
| 64 #elif defined(OS_POSIX) | 85 #elif defined(OS_POSIX) |
| 65 | 86 |
| 66 bool ShouldUseZygote() override { | 87 bool ShouldUseZygote() override { |
| 67 return !no_sandbox_ && exposed_dir_.empty(); | 88 return !no_sandbox_ && exposed_dir_.empty(); |
| 68 } | 89 } |
| 69 base::EnvironmentMap GetEnvironment() override { return env_; } | 90 base::EnvironmentMap GetEnvironment() override { return env_; } |
| 70 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } | 91 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } |
| 71 #endif // OS_WIN | 92 #endif // OS_WIN |
| 72 | 93 |
| 73 SandboxType GetSandboxType() override { | 94 SandboxType GetSandboxType() override { |
| (...skipping 270 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 344 if (RenderProcessHost::run_renderer_in_process()) | 365 if (RenderProcessHost::run_renderer_in_process()) |
| 345 handle = base::GetCurrentProcessHandle(); | 366 handle = base::GetCurrentProcessHandle(); |
| 346 else | 367 else |
| 347 handle = process_->GetData().handle; | 368 handle = process_->GetData().handle; |
| 348 | 369 |
| 349 mojo_application_host_->Activate(this, handle); | 370 mojo_application_host_->Activate(this, handle); |
| 350 } | 371 } |
| 351 } | 372 } |
| 352 | 373 |
| 353 } // namespace content | 374 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1415483008:
Get rid of SandboxedProcessLauncherDelegate::PreSandbox. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master