| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/suid/client/setuid_sandbox_host.h" | 5 #include "sandbox/linux/suid/client/setuid_sandbox_host.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
| 158 "configured correctly. Rather than run without sandboxing " | 158 "configured correctly. Rather than run without sandboxing " |
| 159 "I'm aborting now. You need to make sure that " | 159 "I'm aborting now. You need to make sure that " |
| 160 << sandbox_binary << " is owned by root and has mode 4755."; | 160 << sandbox_binary << " is owned by root and has mode 4755."; |
| 161 } | 161 } |
| 162 | 162 |
| 163 cmd_line->PrependWrapper(sandbox_binary); | 163 cmd_line->PrependWrapper(sandbox_binary); |
| 164 } | 164 } |
| 165 | 165 |
| 166 void SetuidSandboxHost::SetupLaunchOptions( | 166 void SetuidSandboxHost::SetupLaunchOptions( |
| 167 base::LaunchOptions* options, | 167 base::LaunchOptions* options, |
| 168 base::FileHandleMappingVector* fds_to_remap, | |
| 169 base::ScopedFD* dummy_fd) { | 168 base::ScopedFD* dummy_fd) { |
| 170 DCHECK(options); | 169 DCHECK(options); |
| 171 DCHECK(fds_to_remap); | |
| 172 | 170 |
| 173 // Launching a setuid binary requires PR_SET_NO_NEW_PRIVS to not be used. | 171 // Launching a setuid binary requires PR_SET_NO_NEW_PRIVS to not be used. |
| 174 options->allow_new_privs = true; | 172 options->allow_new_privs = true; |
| 175 UnsetExpectedEnvironmentVariables(&options->environ); | 173 UnsetExpectedEnvironmentVariables(&options->environ); |
| 176 | 174 |
| 177 // Set dummy_fd to the reading end of a closed pipe. | 175 // Set dummy_fd to the reading end of a closed pipe. |
| 178 int pipe_fds[2]; | 176 int pipe_fds[2]; |
| 179 PCHECK(0 == pipe(pipe_fds)); | 177 PCHECK(0 == pipe(pipe_fds)); |
| 180 PCHECK(0 == IGNORE_EINTR(close(pipe_fds[1]))); | 178 PCHECK(0 == IGNORE_EINTR(close(pipe_fds[1]))); |
| 181 dummy_fd->reset(pipe_fds[0]); | 179 dummy_fd->reset(pipe_fds[0]); |
| 182 | 180 |
| 183 // We no longer need a dummy socket for discovering the child's PID, | 181 // We no longer need a dummy socket for discovering the child's PID, |
| 184 // but the sandbox is still hard-coded to expect a file descriptor at | 182 // but the sandbox is still hard-coded to expect a file descriptor at |
| 185 // kZygoteIdFd. Fixing this requires a sandbox API change. :( | 183 // kZygoteIdFd. Fixing this requires a sandbox API change. :( |
| 186 fds_to_remap->push_back(std::make_pair(dummy_fd->get(), kZygoteIdFd)); | 184 options->fds_to_remap.push_back(std::make_pair(dummy_fd->get(), kZygoteIdFd)); |
| 187 } | 185 } |
| 188 | 186 |
| 189 void SetuidSandboxHost::SetupLaunchEnvironment() { | 187 void SetuidSandboxHost::SetupLaunchEnvironment() { |
| 190 SaveSUIDUnsafeEnvironmentVariables(env_.get()); | 188 SaveSUIDUnsafeEnvironmentVariables(env_.get()); |
| 191 SetSandboxAPIEnvironmentVariable(env_.get()); | 189 SetSandboxAPIEnvironmentVariable(env_.get()); |
| 192 } | 190 } |
| 193 | 191 |
| 194 } // namespace sandbox | 192 } // namespace sandbox |
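Review bot: In SetupLaunchOptions the `DCHECK(fds_to_remap)` is dropped along with the parameter, but `dummy_fd` is still dereferenced on new lines 179 and 184 with no precondition check; add `DCHECK(dummy_fd);` next to `DCHECK(options);`. The mapping now pushed into `options->fds_to_remap` holds the raw descriptor returned by `dummy_fd->get()`, so the caller's `ScopedFD` must stay alive until the process has actually been launched, otherwise `kZygoteIdFd` in the child is mapped from an already-closed fd; that lifetime requirement is not stated anywhere visible here and belongs on the function, e.g. `// *dummy_fd owns the fd recorded in options->fds_to_remap; the caller must keep it alive until after LaunchProcess().` This appears to be the only fd the host sets up for the setuid sandbox launch, so a stale mapping would surface as a launch-time failure rather than a silent privilege issue, but I cannot confirm that from this hunk alone.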