Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(150)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/public/common/sandbox_init.h

Issue 1851213002: Remove sandbox on Windows. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix nacl compile issues Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/public/browser/content_browser_client.cc ('k') | content/public/test/test_launcher.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ 5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_
6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ 6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_
7 7
8 #include "base/files/scoped_file.h" 8 #include "base/files/scoped_file.h"
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "base/memory/shared_memory.h" 10 #include "base/memory/shared_memory.h"
(...skipping 23 matching lines...) Expand all
34 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plugin 34 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plugin
35 // processes, depending on the command line flags. Although The browser process 35 // processes, depending on the command line flags. Although The browser process
36 // is not sandboxed, this also needs to be called because it will initialize 36 // is not sandboxed, this also needs to be called because it will initialize
37 // the broker code. 37 // the broker code.
38 // Returns true if the sandbox was initialized succesfully, false if an error 38 // Returns true if the sandbox was initialized succesfully, false if an error
39 // occurred. If process_type isn't one that needs sandboxing true is always 39 // occurred. If process_type isn't one that needs sandboxing true is always
40 // returned. 40 // returned.
41 CONTENT_EXPORT bool InitializeSandbox( 41 CONTENT_EXPORT bool InitializeSandbox(
42 sandbox::SandboxInterfaceInfo* sandbox_info); 42 sandbox::SandboxInterfaceInfo* sandbox_info);
43 43
44 // This is a restricted version of Windows' DuplicateHandle() function
45 // that works inside the sandbox and can send handles but not retrieve
46 // them. Unlike DuplicateHandle(), it takes a process ID rather than
47 // a process handle. It returns true on success, false otherwise.
48 CONTENT_EXPORT bool BrokerDuplicateHandle(HANDLE source_handle,
49 DWORD target_process_id,
50 HANDLE* target_handle,
51 DWORD desired_access,
52 DWORD options);
53
54 // Inform the current process's sandbox broker (e.g. the broker for 44 // Inform the current process's sandbox broker (e.g. the broker for
55 // 32-bit processes) about a process created under a different sandbox 45 // 32-bit processes) about a process created under a different sandbox
56 // broker (e.g. the broker for 64-bit processes). This allows 46 // broker (e.g. the broker for 64-bit processes). This allows
57 // BrokerDuplicateHandle() to send handles to a process managed by 47 // BrokerDuplicateHandle() to send handles to a process managed by
58 // another broker. For example, it allows the 32-bit renderer to send 48 // another broker. For example, it allows the 32-bit renderer to send
59 // handles to 64-bit NaCl processes. This returns true on success, 49 // handles to 64-bit NaCl processes. This returns true on success,
60 // false otherwise. 50 // false otherwise.
61 CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process); 51 CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process);
62 52
63 // Launch a sandboxed process. |delegate| may be NULL. If |delegate| is non-NULL 53 // Launch a sandboxed process. |delegate| may be NULL. If |delegate| is non-NULL
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
102 92
103 // Return a "baseline" policy. This is used by a SandboxInitializerDelegate to 93 // Return a "baseline" policy. This is used by a SandboxInitializerDelegate to
104 // implement a policy that is derived from the baseline. 94 // implement a policy that is derived from the baseline.
105 CONTENT_EXPORT scoped_ptr<sandbox::bpf_dsl::Policy> 95 CONTENT_EXPORT scoped_ptr<sandbox::bpf_dsl::Policy>
106 GetBPFSandboxBaselinePolicy(); 96 GetBPFSandboxBaselinePolicy();
107 #endif // defined(OS_LINUX) || defined(OS_NACL_NONSFI) 97 #endif // defined(OS_LINUX) || defined(OS_NACL_NONSFI)
108 98
109 } // namespace content 99 } // namespace content
110 100
111 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ 101 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_
OLDNEW
« no previous file with comments | « content/public/browser/content_browser_client.cc ('k') | content/public/test/test_launcher.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698