Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(889)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/process/launch_posix.cc

Issue 197213015: [Linux] Use PR_SET_NO_NEW_PRIVS by default in base/process/launch.h. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix docs nit Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/process/launch.cc ('k') | base/test/launcher/test_launcher.cc » ('j') | chrome/browser/sessions/session_restore_browsertest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/process/launch.h" 5 #include "base/process/launch.h"
6 6
7 #include <dirent.h> 7 #include <dirent.h>
8 #include <errno.h> 8 #include <errno.h>
9 #include <fcntl.h> 9 #include <fcntl.h>
10 #include <signal.h> 10 #include <signal.h>
(...skipping 20 matching lines...) Expand all
31 #include "base/memory/scoped_ptr.h" 31 #include "base/memory/scoped_ptr.h"
32 #include "base/posix/eintr_wrapper.h" 32 #include "base/posix/eintr_wrapper.h"
33 #include "base/process/kill.h" 33 #include "base/process/kill.h"
34 #include "base/process/process_metrics.h" 34 #include "base/process/process_metrics.h"
35 #include "base/strings/stringprintf.h" 35 #include "base/strings/stringprintf.h"
36 #include "base/synchronization/waitable_event.h" 36 #include "base/synchronization/waitable_event.h"
37 #include "base/third_party/dynamic_annotations/dynamic_annotations.h" 37 #include "base/third_party/dynamic_annotations/dynamic_annotations.h"
38 #include "base/threading/platform_thread.h" 38 #include "base/threading/platform_thread.h"
39 #include "base/threading/thread_restrictions.h" 39 #include "base/threading/thread_restrictions.h"
40 40
41 #if defined(OS_LINUX)
42 #include <sys/prctl.h>
43 #endif
44
41 #if defined(OS_CHROMEOS) 45 #if defined(OS_CHROMEOS)
42 #include <sys/ioctl.h> 46 #include <sys/ioctl.h>
43 #endif 47 #endif
44 48
45 #if defined(OS_FREEBSD) 49 #if defined(OS_FREEBSD)
46 #include <sys/event.h> 50 #include <sys/event.h>
47 #include <sys/ucontext.h> 51 #include <sys/ucontext.h>
48 #endif 52 #endif
49 53
50 #if defined(OS_MACOSX) 54 #if defined(OS_MACOSX)
(...skipping 366 matching lines...) Expand 10 before | Expand all | Expand 10 after
417 421
418 if (!options.environ.empty()) 422 if (!options.environ.empty())
419 SetEnvironment(new_environ.get()); 423 SetEnvironment(new_environ.get());
420 424
421 // fd_shuffle1 is mutated by this call because it cannot malloc. 425 // fd_shuffle1 is mutated by this call because it cannot malloc.
422 if (!ShuffleFileDescriptors(&fd_shuffle1)) 426 if (!ShuffleFileDescriptors(&fd_shuffle1))
423 _exit(127); 427 _exit(127);
424 428
425 CloseSuperfluousFds(fd_shuffle2); 429 CloseSuperfluousFds(fd_shuffle2);
426 430
431 // Set NO_NEW_PRIVS by default. Since NO_NEW_PRIVS only exists in kernel
432 // 3.5+, do not check the return value of prctl here.
433 #if defined(OS_LINUX)
434 #ifndef PR_SET_NO_NEW_PRIVS
435 #define PR_SET_NO_NEW_PRIVS 38
436 #endif
437 if (!options.allow_new_privs) {
438 prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
jln (very slow on Chromium) 2014/04/01 21:54:23 Do you want to at least DCHECK_EQ(EINVAL, errno) i
Robert Sesek 2014/04/02 15:39:22 Done.
439 }
440 #endif
441
427 for (size_t i = 0; i < argv.size(); i++) 442 for (size_t i = 0; i < argv.size(); i++)
428 argv_cstr[i] = const_cast<char*>(argv[i].c_str()); 443 argv_cstr[i] = const_cast<char*>(argv[i].c_str());
429 argv_cstr[argv.size()] = NULL; 444 argv_cstr[argv.size()] = NULL;
430 execvp(argv_cstr[0], argv_cstr.get()); 445 execvp(argv_cstr[0], argv_cstr.get());
431 446
432 RAW_LOG(ERROR, "LaunchProcess: failed to execvp:"); 447 RAW_LOG(ERROR, "LaunchProcess: failed to execvp:");
433 RAW_LOG(ERROR, argv_cstr[0]); 448 RAW_LOG(ERROR, argv_cstr[0]);
434 _exit(127); 449 _exit(127);
435 } else { 450 } else {
436 // Parent process 451 // Parent process
(...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after
631 std::string* output, 646 std::string* output,
632 int* exit_code) { 647 int* exit_code) {
633 // Run |execve()| with the current environment and store "unlimited" data. 648 // Run |execve()| with the current environment and store "unlimited" data.
634 GetAppOutputInternalResult result = GetAppOutputInternal( 649 GetAppOutputInternalResult result = GetAppOutputInternal(
635 cl.argv(), NULL, output, std::numeric_limits<std::size_t>::max(), true, 650 cl.argv(), NULL, output, std::numeric_limits<std::size_t>::max(), true,
636 exit_code); 651 exit_code);
637 return result == EXECUTE_SUCCESS; 652 return result == EXECUTE_SUCCESS;
638 } 653 }
639 654
640 } // namespace base 655 } // namespace base
OLDNEW
« no previous file with comments | « base/process/launch.cc ('k') | base/test/launcher/test_launcher.cc » ('j') | chrome/browser/sessions/session_restore_browsertest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698