Issue 149462: Linux: have the sandbox binary create the sandbox directory.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 149462: Linux: have the sandbox binary create the sandbox directory. (Closed)

Created:
11 years, 5 months ago by agl

Modified:
9 years, 7 months ago

Reviewers:
Evan Martin

CC:
chromium-reviews_googlegroups.com, fta

Visibility:
Public.

Description

Linux: have the sandbox binary create the sandbox directory. Ubuntu systems (at least) wipe /var/run at boot time, which is deleting our sandbox directory. Instead, we have the SUID helper create the sandbox directory since it's the only place where we have root permissions and can create a root owned directory. BUG=16363

Patch Set 1 #

Patch Set 2 : ... #

Patch Set 3 : ... #

Patch Set 4 : ... #

Total comments: 2

Patch Set 5 : ... #

Created: 11 years, 5 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+69 lines, -20 lines)			Patch
M	chrome/browser/zygote_host_linux.cc	View		1 chunk	+2 lines, -9 lines	0 comments	Download
M	chrome/browser/zygote_main_linux.cc	View	1 2 3 4	2 chunks	+26 lines, -5 lines	0 comments	Download
M	sandbox/linux/suid/sandbox.cc	View	1 2 3 4	4 chunks	+41 lines, -6 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

Evan Martin

11 years, 5 months ago (2009-07-10 18:07:54 UTC) #2

LGTM

http://codereview.chromium.org/149462/diff/1012/12
File sandbox/linux/suid/sandbox.cc (right):

http://codereview.chromium.org/149462/diff/1012/12#newcode65
Line 65: // We create a temp directory for our chroot
maybe add something here about its properties: owned by root, non-writeable. 
(Why does it need to be owned by root?  Does that matter?)

http://codereview.chromium.org/149462/diff/1012/12#newcode130
Line 130: char control_buffer[CMSG_SPACE(sizeof(int))];
I have no idea whether this block of code is correct, so please critically
double-check it once before committing.

Expand Messages | Collapse Messages