| Index: services/shell/service_manager.cc
|
| diff --git a/services/shell/service_manager.cc b/services/shell/service_manager.cc
|
| index 78c0059e8a1fd77bd3c022211534b16af84bc672..49aefce9bc284e69c30ea12f9edf2f310bd371d0 100644
|
| --- a/services/shell/service_manager.cc
|
| +++ b/services/shell/service_manager.cc
|
| @@ -218,10 +218,10 @@ class ServiceManager::Instance
|
| StartWithService(std::move(service));
|
| }
|
|
|
| - void StartWithFilePath(const base::FilePath& path) {
|
| + void StartWithFilePath(const base::FilePath& path, bool privileged) {
|
| CHECK(!service_);
|
| runner_ = service_manager_->native_runner_factory_->Create(path);
|
| - bool start_sandboxed = false;
|
| + bool start_sandboxed = !privileged;
|
| mojom::ServicePtr service = runner_->Start(
|
| path, identity_, start_sandboxed,
|
| base::Bind(&Instance::PIDAvailable, weak_factory_.GetWeakPtr()),
|
| @@ -818,7 +818,7 @@ void ServiceManager::OnGotResolvedName(std::unique_ptr<ConnectParams> params,
|
| instance_name);
|
| CreateServiceWithFactory(factory, target.name(), std::move(request));
|
| } else {
|
| - instance->StartWithFilePath(result->package_path);
|
| + instance->StartWithFilePath(result->package_path, result->privileged);
|
| }
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 2338793003:
services/shell: Turn on sandboxing for mojo apps.
