NaCl: Add sanity check for number of open FDs at startup

components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_
 #define COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_
 
 #include "base/files/scoped_file.h"
 #include "base/macros.h"
+#include "base/memory/scoped_ptr.h"
+
+namespace sandbox {
+class SetuidSandboxClient;
+}
 
 namespace nacl {
 
 // NaClSandbox supports two independent layers of sandboxing.
 // layer-1 uses a chroot. It requires both InitializeLayerOneSandbox() and
 // SealLayerOneSandbox() to have been called to be enforcing.
 // layer-2 uses seccomp-bpf. It requires the layer-1 sandbox to not yet be
 // sealed when being engaged.
 // For the layer-1 sandbox to work, the current process must be a child of
 // the setuid sandbox. InitializeLayerOneSandbox() can only be called once
@@ skipping 41 matching lines @@
   bool layer_two_enabled() { return layer_two_enabled_; }
 
  private:
   bool layer_one_enabled_;
   bool layer_one_sealed_;
   bool layer_two_enabled_;
   bool layer_two_is_nonsfi_;
   // |proc_fd_| must be released before the layer-1 sandbox is considered
   // enforcing.
   base::ScopedFD proc_fd_;
+  scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
   DISALLOW_COPY_AND_ASSIGN(NaClSandbox);
 };
 
 }  // namespace nacl
 
 #endif  // COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_