Refactor configuration of sandboxes - first steps

content/browser/ppapi_plugin_process_host.cc

Index: content/browser/ppapi_plugin_process_host.cc
diff --git a/content/browser/ppapi_plugin_process_host.cc b/content/browser/ppapi_plugin_process_host.cc
index f1a3171d0d0251f382fa25dcf61a6c347f8c208d..e321393d6b982182a9ab8a475a7f96d64b037b2d 100644
--- a/content/browser/ppapi_plugin_process_host.cc
+++ b/content/browser/ppapi_plugin_process_host.cc
@@ -21,6 +21,7 @@
 #include "content/public/common/content_switches.h"
 #include "content/public/common/pepper_plugin_info.h"
 #include "content/public/common/process_type.h"
+#include "content/public/common/sandboxed_process_launcher_delegate.h"
 #include "ipc/ipc_switches.h"
 #include "net/base/network_change_notifier.h"
 #include "ppapi/proxy/ppapi_messages.h"
@@ -28,7 +29,6 @@
 
 #if defined(OS_WIN)
 #include "content/common/sandbox_win.h"
-#include "content/public/common/sandboxed_process_launcher_delegate.h"
 #include "sandbox/win/src/sandbox_policy.h"
 #endif
 
@@ -39,7 +39,9 @@ namespace content {
 class PpapiPluginSandboxedProcessLauncherDelegate
     : public content::SandboxedProcessLauncherDelegate {
  public:
-  explicit PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker)
+  PpapiPluginSandboxedProcessLauncherDelegate( bool is_broker,
+                                               const PepperPluginInfo& /*info*/,
+                                               ChildProcessHost* /*host*/)
       : is_broker_(is_broker) {}
   virtual ~PpapiPluginSandboxedProcessLauncherDelegate() {}
 
@@ -66,6 +68,37 @@ class PpapiPluginSandboxedProcessLauncherDelegate
 
   DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate);
 };
+
+#elif defined(OS_POSIX)
+// NOTE: changes to this class need to be reviewed by the security team.

[jam, 2014/02/26 19:47:52]

ditto

[aberent, 2014/02/28 08:51:07]

Done.

+class PpapiPluginSandboxedProcessLauncherDelegate
+    : public content::SandboxedProcessLauncherDelegate {
+ public:
+  PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker,
+                                              const PepperPluginInfo& info,
+                                              ChildProcessHost* host)
+      : is_broker_(is_broker),
+        info_(info),
+        ipc_fd_(host->TakeClientFileDescriptor()) {}
+
+  virtual ~PpapiPluginSandboxedProcessLauncherDelegate() {}
+
+  virtual bool UseZygote() OVERRIDE {
+    const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
+    CommandLine::StringType plugin_launcher = browser_command_line
+        .GetSwitchValueNative(switches::kPpapiPluginLauncher);
+    return !is_broker_ && plugin_launcher.empty() && info_.is_sandboxed;
+  }
+  virtual int IpcFd() OVERRIDE {
+    return ipc_fd_;
+  }
+ private:
+  bool is_broker_;
+  const PepperPluginInfo& info_;
+  int ipc_fd_;
+
+  DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate);
+};
 #endif  // OS_WIN
 
 class PpapiPluginProcessHost::PluginNetworkObserver
@@ -333,18 +366,13 @@ bool PpapiPluginProcessHost::Init(const PepperPluginInfo& info) {
   // plugin launcher means we need to use another process instead of just
   // forking the zygote.
 #if defined(OS_POSIX)
-  bool use_zygote = !is_broker_ && plugin_launcher.empty() && info.is_sandboxed;
   if (!info.is_sandboxed)
     cmd_line->AppendSwitchASCII(switches::kNoSandbox, std::string());
 #endif  // OS_POSIX
   process_->Launch(
-#if defined(OS_WIN)
-      new PpapiPluginSandboxedProcessLauncherDelegate(is_broker_),
-      false,
-#elif defined(OS_POSIX)
-      use_zygote,
-      base::EnvironmentMap(),
-#endif
+      new PpapiPluginSandboxedProcessLauncherDelegate(is_broker_,
+                                                      info,
+                                                      process_->GetHost()),
       cmd_line);
   return true;
 }