Plumb sandbox rules through the helper executable.

sandbox/mac/seatbelt_exec.cc

Index: sandbox/mac/seatbelt_exec.cc
diff --git a/sandbox/mac/seatbelt_exec.cc b/sandbox/mac/seatbelt_exec.cc
index 6a1a7b940f67d371240a44831fca7d40e0318d4b..17fe54b48769cef057cd1ee7a84e794d9e8cf8b4 100644
--- a/sandbox/mac/seatbelt_exec.cc
+++ b/sandbox/mac/seatbelt_exec.cc
@@ -75,7 +75,7 @@ bool SeatbeltExecClient::WriteString(std::string* str) {
   return static_cast<uint64_t>(written) == str->size();
 }
 
-SeatbeltExecServer::SeatbeltExecServer(int fd) : fd_(fd) {}
+SeatbeltExecServer::SeatbeltExecServer(int fd) : fd_(fd), extra_params_() {}
 
 SeatbeltExecServer::~SeatbeltExecServer() {}
 
@@ -99,6 +99,10 @@ bool SeatbeltExecServer::ApplySandboxProfile(const mac::SandboxPolicy& policy) {
     weak_params.push_back(pair.first.c_str());
     weak_params.push_back(pair.second.c_str());
   }
+  for (const auto& pair : extra_params_) {
+    weak_params.push_back(pair.first.c_str());
+    weak_params.push_back(pair.second.c_str());
+  }
   weak_params.push_back(nullptr);
 
   char* error = nullptr;
@@ -130,4 +134,11 @@ bool SeatbeltExecServer::ReadString(std::string* str) {
   return true;
 }
 
+bool SeatbeltExecServer::SetParameter(const base::StringPiece key,
+                                      const base::StringPiece value) {
+  return extra_params_
+      .insert(std::make_pair(key.as_string(), value.as_string()))
+      .second;
+}
+
 }  // namespace sandbox