Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(455)

Side by Side Diff: components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h

Issue 276443003: NaCl: Add sanity check for number of open FDs at startup (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_ 5 #ifndef COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_
6 #define COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_ 6 #define COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_
7 7
8 #include "base/files/scoped_file.h" 8 #include "base/files/scoped_file.h"
9 #include "base/macros.h" 9 #include "base/macros.h"
10 #include "base/memory/scoped_ptr.h"
11
12 namespace sandbox {
13 class SetuidSandboxClient;
14 }
10 15
11 namespace nacl { 16 namespace nacl {
12 17
13 // NaClSandbox supports two independent layers of sandboxing. 18 // NaClSandbox supports two independent layers of sandboxing.
14 // layer-1 uses a chroot. It requires both InitializeLayerOneSandbox() and 19 // layer-1 uses a chroot. It requires both InitializeLayerOneSandbox() and
15 // SealLayerOneSandbox() to have been called to be enforcing. 20 // SealLayerOneSandbox() to have been called to be enforcing.
16 // layer-2 uses seccomp-bpf. It requires the layer-1 sandbox to not yet be 21 // layer-2 uses seccomp-bpf. It requires the layer-1 sandbox to not yet be
17 // sealed when being engaged. 22 // sealed when being engaged.
18 // For the layer-1 sandbox to work, the current process must be a child of 23 // For the layer-1 sandbox to work, the current process must be a child of
19 // the setuid sandbox. InitializeLayerOneSandbox() can only be called once 24 // the setuid sandbox. InitializeLayerOneSandbox() can only be called once
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
61 bool layer_two_enabled() { return layer_two_enabled_; } 66 bool layer_two_enabled() { return layer_two_enabled_; }
62 67
63 private: 68 private:
64 bool layer_one_enabled_; 69 bool layer_one_enabled_;
65 bool layer_one_sealed_; 70 bool layer_one_sealed_;
66 bool layer_two_enabled_; 71 bool layer_two_enabled_;
67 bool layer_two_is_nonsfi_; 72 bool layer_two_is_nonsfi_;
68 // |proc_fd_| must be released before the layer-1 sandbox is considered 73 // |proc_fd_| must be released before the layer-1 sandbox is considered
69 // enforcing. 74 // enforcing.
70 base::ScopedFD proc_fd_; 75 base::ScopedFD proc_fd_;
76 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
71 DISALLOW_COPY_AND_ASSIGN(NaClSandbox); 77 DISALLOW_COPY_AND_ASSIGN(NaClSandbox);
72 }; 78 };
73 79
74 } // namespace nacl 80 } // namespace nacl
75 81
76 #endif // COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_ 82 #endif // COMPONENTS_NACL_LOADER_SANDBOX_LINUX_NACL_SANDBOX_LINUX_H_
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698