OLD | NEW |
1 # Linux Sandboxing | 1 # Linux Sandboxing |
2 | 2 |
3 Chromium uses a multiprocess model, which allows to give different privileges | 3 Chromium uses a multiprocess model, which allows to give different privileges |
4 and restrictions to different parts of the browser. For instance, we want | 4 and restrictions to different parts of the browser. For instance, we want |
5 renderers to run with a limited set of privileges since they process untrusted | 5 renderers to run with a limited set of privileges since they process untrusted |
6 input and are likely to be compromised. Renderers will use an IPC mechanism to | 6 input and are likely to be compromised. Renderers will use an IPC mechanism to |
7 request access to resource from a more privileged (browser process). | 7 request access to resource from a more privileged (browser process). |
8 You can find more about this general design | 8 You can find more about this general design |
9 [here](http://dev.chromium.org/developers/design-documents/sandbox). | 9 [here](http://dev.chromium.org/developers/design-documents/sandbox). |
10 | 10 |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
141 Sandboxing can make developing harder, see: | 141 Sandboxing can make developing harder, see: |
142 | 142 |
143 * [this page](linux_suid_sandbox_development.md) for the `setuid` sandbox | 143 * [this page](linux_suid_sandbox_development.md) for the `setuid` sandbox |
144 * [this page](http://www.chromium.org/for-testers/bug-reporting-guidelines/han
ging-tabs) | 144 * [this page](http://www.chromium.org/for-testers/bug-reporting-guidelines/han
ging-tabs) |
145 for triggering crashes | 145 for triggering crashes |
146 * [this page for debugging tricks](linux_debugging.md) | 146 * [this page for debugging tricks](linux_debugging.md) |
147 | 147 |
148 ## See also | 148 ## See also |
149 | 149 |
150 * [LinuxSandboxIPC](linux_sandbox_ipc.md) | 150 * [LinuxSandboxIPC](linux_sandbox_ipc.md) |
151 * [How Chromium's Linux sandbox affects Native Client](https://code.google.com
/p/nativeclient/wiki/LinuxOuterSandbox) | 151 * [How Chromium's Linux sandbox affects Native Client](https://chromium.google
source.com/native_client/src/native_client.git/+/master/docs/linux_outer_sandbox
.md) |
OLD | NEW |