Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1544)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/plugin_process_host.cc

Issue 177863002: Refactor configuration of sandboxes - first steps (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix nacl sandbox options on Linux Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/gpu/gpu_process_host.cc ('K') | « content/browser/gpu/gpu_process_host.cc ('k') | content/browser/ppapi_plugin_process_host.cc » ('j') | content/browser/ppapi_plugin_process_host.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/plugin_process_host.cc
diff --git a/content/browser/plugin_process_host.cc b/content/browser/plugin_process_host.cc
index f30fd5d51715f94f70f42efcd140abeb1169e32c..2ed0e139faac4b20c28bfbe96f29785784e288a7 100644
--- a/content/browser/plugin_process_host.cc
+++ b/content/browser/plugin_process_host.cc
@@ -36,6 +36,7 @@
#include "content/public/browser/resource_context.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/process_type.h"
+#include "content/public/common/sandboxed_process_launcher_delegate.h"
#include "ipc/ipc_switches.h"
#include "net/url_request/url_request_context_getter.h"
#include "ui/base/ui_base_switches.h"
@@ -55,7 +56,6 @@
#if defined(OS_WIN)
#include "base/win/windows_version.h"
#include "content/common/plugin_constants_win.h"
-#include "content/public/common/sandboxed_process_launcher_delegate.h"
#include "ui/gfx/switches.h"
#endif
@@ -82,17 +82,34 @@ void PluginProcessHost::AddWindow(HWND window) {
class PluginSandboxedProcessLauncherDelegate
: public SandboxedProcessLauncherDelegate {
public:
- PluginSandboxedProcessLauncherDelegate() {}
+ explicit PluginSandboxedProcessLauncherDelegate(ChildProcessHost* /*host*/) {}
virtual ~PluginSandboxedProcessLauncherDelegate() {}
virtual void ShouldSandbox(bool* in_sandbox) OVERRIDE {
*in_sandbox = false;
}
-
private:
DISALLOW_COPY_AND_ASSIGN(PluginSandboxedProcessLauncherDelegate);
};
+#elif defined(OS_POSIX)
+
+// NOTE: changes to this class need to be reviewed by the security team.
+class PluginSandboxedProcessLauncherDelegate
jam 2014/02/26 19:47:52 ditto
aberent 2014/02/28 08:51:06 Done.
+ : public SandboxedProcessLauncherDelegate {
+ public:
+ explicit PluginSandboxedProcessLauncherDelegate(ChildProcessHost* host)
+ : ipc_fd_(host->TakeClientFileDescriptor()) {}
+
+ virtual ~PluginSandboxedProcessLauncherDelegate() {}
+
+ virtual int IpcFd() OVERRIDE {
+ return ipc_fd_;
+ }
+ private:
+ int ipc_fd_;
+ DISALLOW_COPY_AND_ASSIGN(PluginSandboxedProcessLauncherDelegate);
+};
#endif // defined(OS_WIN)
#if defined(TOOLKIT_GTK)
@@ -247,13 +264,7 @@ bool PluginProcessHost::Init(const WebPluginInfo& info) {
#endif
process_->Launch(
-#if defined(OS_WIN)
- new PluginSandboxedProcessLauncherDelegate,
- false,
-#elif defined(OS_POSIX)
- false,
- env,
-#endif
+ new PluginSandboxedProcessLauncherDelegate(process_->GetHost()),
cmd_line);
// The plugin needs to be shutdown gracefully, i.e. NP_Shutdown needs to be
« content/browser/gpu/gpu_process_host.cc ('K') | « content/browser/gpu/gpu_process_host.cc ('k') | content/browser/ppapi_plugin_process_host.cc » ('j') | content/browser/ppapi_plugin_process_host.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698