docs/linux_suid_sandbox.md - Issue 1877013002: Update Linux build docs to remove GYP references.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: docs/linux_suid_sandbox.md

Issue 1877013002: Update Linux build docs to remove GYP references. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: fixes Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « docs/linux_faster_builds.md ('k') | docs/linux_suid_sandbox_development.md » ('j') | no next file with comments »

OLD	NEW
1 # Linux `SUID` Sandbox	1 # Linux `SUID` Sandbox

2	2

	3 *IMPORTANT NOTE: The Linux SUID sandbox is almost but not completely removed.

	4 See https://bugs.chromium.org/p/chromium/issues/detail?id=598454

	5 This page is mostly out-of-date.*

	6

3 With [r20110](https://crrev.com/20110), Chromium on Linux can now sandbox its	7 With [r20110](https://crrev.com/20110), Chromium on Linux can now sandbox its

4 renderers using a `SUID` helper binary. This is one of	8 renderers using a `SUID` helper binary. This is one of

5 [our layer-1 sandboxing solutions](linux_sandboxing.md).	9 [our layer-1 sandboxing solutions](linux_sandboxing.md).

6	10

7 ## `SUID` helper executable	11 ## `SUID` helper executable

8	12

9 The `SUID` helper binary is called `chrome_sandbox` and you must build it	13 The `SUID` helper binary is called `chrome_sandbox` and you must build it

10 separately from the main 'chrome' target. To use this sandbox, you have to	14 separately from the main 'chrome' target. To use this sandbox, you have to

11 specify its path in the `linux_sandbox_path` GYP variable. When spawning the	15 specify its path in the `linux_sandbox_path` GYP variable. When spawning the

12 [zygote process](linux_zygote.md), if the `SUID` sandbox is enabled, Chromium	16 [zygote process](linux_zygote.md), if the `SUID` sandbox is enabled, Chromium

(...skipping 108 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
121 `/opt/google/chrome/chrome`. This string is hard coded	125 `/opt/google/chrome/chrome`. This string is hard coded

122 (`sandbox/linux/suid/sandbox.cc`). If your package is going to place the	126 (`sandbox/linux/suid/sandbox.cc`). If your package is going to place the

123 Chromium binary somewhere else you need to modify this string.	127 Chromium binary somewhere else you need to modify this string.

124	128

125 ## See also	129 ## See also

126	130

127 * [LinuxSUIDSandboxDevelopment](linux_suid_sandbox_development.md)	131 * [LinuxSUIDSandboxDevelopment](linux_suid_sandbox_development.md)

128 * [LinuxSandboxing](linux_sandboxing.md)	132 * [LinuxSandboxing](linux_sandboxing.md)

129 * General information on Chromium sandboxing:	133 * General information on Chromium sandboxing:

130 http://dev.chromium.org/developers/design-documents/sandbox	134 http://dev.chromium.org/developers/design-documents/sandbox

OLD	NEW