Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(78)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/browser_main_loop.cc

Issue 1840923002: Removed setuid Sandbox Check as Per Bug#598454 (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed call to init sandbox_binary Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « AUTHORS ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/browser_main_loop.cc
diff --git a/content/browser/browser_main_loop.cc b/content/browser/browser_main_loop.cc
index 3c39e531a9aea3f03cfb018a0ee5430a5b2bf243..bbc29bd2eb842477257ee43890eee1fe7d2ed5d6 100644
--- a/content/browser/browser_main_loop.cc
+++ b/content/browser/browser_main_loop.cc
@@ -193,41 +193,14 @@ namespace content {
namespace {
#if defined(OS_POSIX) && !defined(OS_MACOSX) && !defined(OS_ANDROID)
-void SetupSandbox(const base::CommandLine& parsed_command_line) {
- TRACE_EVENT0("startup", "SetupSandbox");
+void SetupSandbox() {
base::FilePath sandbox_binary;
-
- scoped_ptr<sandbox::SetuidSandboxHost> setuid_sandbox_host(
mdempsky 2016/03/30 19:10:41 We still need this code for Chrome OS. You can't
- sandbox::SetuidSandboxHost::Create());
-
- const bool want_setuid_sandbox =
- !parsed_command_line.HasSwitch(switches::kNoSandbox) &&
- !parsed_command_line.HasSwitch(switches::kDisableSetuidSandbox) &&
- !setuid_sandbox_host->IsDisabledViaEnvironment();
-
- static const char no_suid_error[] =
- "Running without the SUID sandbox! See "
- "https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md "
- "for more information on developing with the sandbox on.";
- if (want_setuid_sandbox) {
- sandbox_binary = setuid_sandbox_host->GetSandboxBinaryPath();
- if (sandbox_binary.empty()) {
- // This needs to be fatal. Talk to security@chromium.org if you feel
- // otherwise.
- LOG(FATAL) << no_suid_error;
- }
- } else {
- LOG(ERROR) << no_suid_error;
- }
-
- // Tickle the sandbox host and zygote host so they fork now.
RenderSandboxHostLinux::GetInstance()->Init();
ZygoteHostImpl::GetInstance()->Init(sandbox_binary.value());
*GetGenericZygote() = CreateZygote();
RenderProcessHostImpl::EarlyZygoteLaunch();
}
#endif
-
#if defined(USE_GLIB)
static void GLibLogHandler(const gchar* log_domain,
GLogLevelFlags log_level,
@@ -440,11 +413,8 @@ void BrowserMainLoop::EarlyInitialization() {
TRACK_SCOPED_REGION("Startup", "BrowserMainLoop::EarlyInitialization");
#if defined(OS_POSIX) && !defined(OS_MACOSX) && !defined(OS_ANDROID)
- // No thread should be created before this call, as SetupSandbox()
- // will end-up using fork().
- SetupSandbox(parsed_command_line_);
+ SetupSandbox();
#endif
-
#if defined(USE_X11)
if (UsingInProcessGpu()) {
if (!gfx::InitializeThreadedX11()) {
« no previous file with comments | « AUTHORS ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698