Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(211)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_linux/sandbox_linux.h

Issue 291063002: Fix misuses of DISALLOW_IMPLICIT_CONSTRUCTORS() (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Sort declarations according to Google style guide Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf/trap.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ 5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_
6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ 6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
78 // started we will crash. 78 // started we will crash.
79 bool StartSeccompBPF(const std::string& process_type); 79 bool StartSeccompBPF(const std::string& process_type);
80 80
81 // Limit the address space of the current process (and its children). 81 // Limit the address space of the current process (and its children).
82 // to make some vulnerabilities harder to exploit. 82 // to make some vulnerabilities harder to exploit.
83 bool LimitAddressSpace(const std::string& process_type); 83 bool LimitAddressSpace(const std::string& process_type);
84 84
85 private: 85 private:
86 friend struct DefaultSingletonTraits<LinuxSandbox>; 86 friend struct DefaultSingletonTraits<LinuxSandbox>;
87 87
88 LinuxSandbox();
89 ~LinuxSandbox();
90
88 // Some methods are static and get an instance of the Singleton. These 91 // Some methods are static and get an instance of the Singleton. These
89 // are the non-static implementations. 92 // are the non-static implementations.
90 bool InitializeSandboxImpl(); 93 bool InitializeSandboxImpl();
91 void StopThreadImpl(base::Thread* thread); 94 void StopThreadImpl(base::Thread* thread);
92 // We must have been pre_initialized_ before using this. 95 // We must have been pre_initialized_ before using this.
93 bool seccomp_bpf_supported() const; 96 bool seccomp_bpf_supported() const;
94 // Returns true if it can be determined that the current process has open 97 // Returns true if it can be determined that the current process has open
95 // directories that are not managed by the LinuxSandbox class. This would 98 // directories that are not managed by the LinuxSandbox class. This would
96 // be a vulnerability as it would allow to bypass the setuid sandbox. 99 // be a vulnerability as it would allow to bypass the setuid sandbox.
97 bool HasOpenDirectories() const; 100 bool HasOpenDirectories() const;
(...skipping 13 matching lines...) Expand all
111 int proc_fd_; 114 int proc_fd_;
112 bool seccomp_bpf_started_; 115 bool seccomp_bpf_started_;
113 // The value returned by GetStatus(). Gets computed once and then cached. 116 // The value returned by GetStatus(). Gets computed once and then cached.
114 int sandbox_status_flags_; 117 int sandbox_status_flags_;
115 // Did PreinitializeSandbox() run? 118 // Did PreinitializeSandbox() run?
116 bool pre_initialized_; 119 bool pre_initialized_;
117 bool seccomp_bpf_supported_; // Accurate if pre_initialized_. 120 bool seccomp_bpf_supported_; // Accurate if pre_initialized_.
118 bool yama_is_enforcing_; // Accurate if pre_initialized_. 121 bool yama_is_enforcing_; // Accurate if pre_initialized_.
119 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_; 122 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
120 123
121 ~LinuxSandbox(); 124 DISALLOW_COPY_AND_ASSIGN(LinuxSandbox);
122 DISALLOW_IMPLICIT_CONSTRUCTORS(LinuxSandbox);
123 }; 125 };
124 126
125 } // namespace content 127 } // namespace content
126 128
127 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ 129 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_
OLDNEW
« no previous file with comments | « no previous file | sandbox/linux/seccomp-bpf/trap.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698