Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(310)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chromeos/process_proxy/process_proxy.cc

Issue 228783005: [ChromeOS] Don't set NO_NEW_PRIVS for ProcessProxy processes (e.g. Crosh) when in dev-mode. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix header Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chromeos/login/chrome_restart_request.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chromeos/process_proxy/process_proxy.h" 5 #include "chromeos/process_proxy/process_proxy.h"
6 6
7 #include <fcntl.h> 7 #include <fcntl.h>
8 #include <stdlib.h> 8 #include <stdlib.h>
9 #include <sys/ioctl.h> 9 #include <sys/ioctl.h>
10 10
11 #include "base/bind.h" 11 #include "base/bind.h"
12 #include "base/command_line.h" 12 #include "base/command_line.h"
13 #include "base/file_util.h" 13 #include "base/file_util.h"
14 #include "base/logging.h" 14 #include "base/logging.h"
15 #include "base/posix/eintr_wrapper.h" 15 #include "base/posix/eintr_wrapper.h"
16 #include "base/process/kill.h" 16 #include "base/process/kill.h"
17 #include "base/process/launch.h" 17 #include "base/process/launch.h"
18 #include "base/threading/thread.h" 18 #include "base/threading/thread.h"
19 #include "chromeos/process_proxy/process_output_watcher.h" 19 #include "chromeos/process_proxy/process_output_watcher.h"
20 #include "third_party/cros_system_api/switches/chrome_switches.h"
20 21
21 namespace { 22 namespace {
22 23
23 enum PipeEnd { 24 enum PipeEnd {
24 PIPE_END_READ, 25 PIPE_END_READ,
25 PIPE_END_WRITE 26 PIPE_END_WRITE
26 }; 27 };
27 28
28 enum PseudoTerminalFd { 29 enum PseudoTerminalFd {
29 PT_MASTER_FD, 30 PT_MASTER_FD,
(...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after
216 } 217 }
217 218
218 bool ProcessProxy::LaunchProcess(const std::string& command, int slave_fd, 219 bool ProcessProxy::LaunchProcess(const std::string& command, int slave_fd,
219 pid_t* pid) { 220 pid_t* pid) {
220 // Redirect crosh process' output and input so we can read it. 221 // Redirect crosh process' output and input so we can read it.
221 base::FileHandleMappingVector fds_mapping; 222 base::FileHandleMappingVector fds_mapping;
222 fds_mapping.push_back(std::make_pair(slave_fd, STDIN_FILENO)); 223 fds_mapping.push_back(std::make_pair(slave_fd, STDIN_FILENO));
223 fds_mapping.push_back(std::make_pair(slave_fd, STDOUT_FILENO)); 224 fds_mapping.push_back(std::make_pair(slave_fd, STDOUT_FILENO));
224 fds_mapping.push_back(std::make_pair(slave_fd, STDERR_FILENO)); 225 fds_mapping.push_back(std::make_pair(slave_fd, STDERR_FILENO));
225 base::LaunchOptions options; 226 base::LaunchOptions options;
227 // Do not set NO_NEW_PRIVS on processes if the system is in dev-mode. This
228 // permits sudo in the crosh shell when in developer mode.
229 options.allow_new_privs = base::CommandLine::ForCurrentProcess()->
230 HasSwitch(chromeos::switches::kSystemInDevMode);
226 options.fds_to_remap = &fds_mapping; 231 options.fds_to_remap = &fds_mapping;
227 options.ctrl_terminal_fd = slave_fd; 232 options.ctrl_terminal_fd = slave_fd;
228 options.environ["TERM"] = "xterm"; 233 options.environ["TERM"] = "xterm";
229 234
230 // Launch the process. 235 // Launch the process.
231 return base::LaunchProcess(CommandLine(base::FilePath(command)), options, 236 return base::LaunchProcess(CommandLine(base::FilePath(command)), options,
232 pid); 237 pid);
233 } 238 }
234 239
235 void ProcessProxy::CloseAllFdPairs() { 240 void ProcessProxy::CloseAllFdPairs() {
(...skipping 18 matching lines...) Expand all
254 ClearFdPair(pt_pair_); 259 ClearFdPair(pt_pair_);
255 ClearFdPair(shutdown_pipe_); 260 ClearFdPair(shutdown_pipe_);
256 } 261 }
257 262
258 void ProcessProxy::ClearFdPair(int* pipe) { 263 void ProcessProxy::ClearFdPair(int* pipe) {
259 pipe[PIPE_END_READ] = kInvalidFd; 264 pipe[PIPE_END_READ] = kInvalidFd;
260 pipe[PIPE_END_WRITE] = kInvalidFd; 265 pipe[PIPE_END_WRITE] = kInvalidFd;
261 } 266 }
262 267
263 } // namespace chromeos 268 } // namespace chromeos
OLDNEW
« no previous file with comments | « chrome/browser/chromeos/login/chrome_restart_request.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698