Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(259)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/zygote_host_linux.cc

Issue 149462: Linux: have the sandbox binary create the sandbox directory. (Closed)
Patch Set: ... Created 11 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/zygote_main_linux.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/zygote_host_linux.h" 5 #include "chrome/browser/zygote_host_linux.h"
6 6
7 #include <unistd.h> 7 #include <unistd.h>
8 #include <sys/types.h> 8 #include <sys/types.h>
9 #include <sys/socket.h> 9 #include <sys/socket.h>
10 #include <sys/stat.h> 10 #include <sys/stat.h>
(...skipping 29 matching lines...) Expand all
40 base::file_handle_mapping_vector fds_to_map; 40 base::file_handle_mapping_vector fds_to_map;
41 fds_to_map.push_back(std::make_pair(fds[1], 3)); 41 fds_to_map.push_back(std::make_pair(fds[1], 3));
42 42
43 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); 43 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
44 if (browser_command_line.HasSwitch(switches::kZygoteCmdPrefix)) { 44 if (browser_command_line.HasSwitch(switches::kZygoteCmdPrefix)) {
45 const std::wstring prefix = 45 const std::wstring prefix =
46 browser_command_line.GetSwitchValue(switches::kZygoteCmdPrefix); 46 browser_command_line.GetSwitchValue(switches::kZygoteCmdPrefix);
47 cmd_line.PrependWrapper(prefix); 47 cmd_line.PrependWrapper(prefix);
48 } 48 }
49 49
50 const std::string kSandboxPath =
51 WideToASCII(std::wstring(L"/var/run/") +
52 chrome::kBrowserProcessExecutableName +
53 L"-sandbox");
54
55 struct stat st; 50 struct stat st;
56 if (stat(kSandboxBinary, &st) == 0) { 51 if (stat(kSandboxBinary, &st) == 0) {
57 if (access(kSandboxBinary, X_OK) == 0 && 52 if (access(kSandboxBinary, X_OK) == 0 &&
58 (st.st_mode & S_ISUID) && 53 (st.st_mode & S_ISUID) &&
59 (st.st_mode & S_IXOTH) && 54 (st.st_mode & S_IXOTH)) {
60 access(kSandboxPath.c_str(), F_OK) == 0) {
61 cmd_line.PrependWrapper(ASCIIToWide(kSandboxBinary)); 55 cmd_line.PrependWrapper(ASCIIToWide(kSandboxBinary));
62 } else { 56 } else {
63 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " 57 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not "
64 "configured correctly. Rather than run without sandboxing " 58 "configured correctly. Rather than run without sandboxing "
65 "I'm aborting now. You need to make sure that " 59 "I'm aborting now. You need to make sure that "
66 << kSandboxBinary << " is mode 4755 and that " 60 << kSandboxBinary << " is mode 4755.";
67 << kSandboxPath << " exists";
68 } 61 }
69 } 62 }
70 63
71 // Start up the sandbox host process and get the file descriptor for the 64 // Start up the sandbox host process and get the file descriptor for the
72 // renderers to talk to it. 65 // renderers to talk to it.
73 const int sfd = Singleton<RenderSandboxHostLinux>()->GetRendererSocket(); 66 const int sfd = Singleton<RenderSandboxHostLinux>()->GetRendererSocket();
74 fds_to_map.push_back(std::make_pair(sfd, 5)); 67 fds_to_map.push_back(std::make_pair(sfd, 5));
75 68
76 base::ProcessHandle process; 69 base::ProcessHandle process;
77 base::LaunchApp(cmd_line.argv(), fds_to_map, false, &process); 70 base::LaunchApp(cmd_line.argv(), fds_to_map, false, &process);
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
151 !read_pickle.ReadBool(&iter, &tmp_child_exited)) { 144 !read_pickle.ReadBool(&iter, &tmp_child_exited)) {
152 LOG(WARNING) << "Error parsing DidProcessCrash response from zygote."; 145 LOG(WARNING) << "Error parsing DidProcessCrash response from zygote.";
153 return false; 146 return false;
154 } 147 }
155 148
156 if (child_exited) 149 if (child_exited)
157 *child_exited = tmp_child_exited; 150 *child_exited = tmp_child_exited;
158 151
159 return did_crash; 152 return did_crash;
160 } 153 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/zygote_main_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698