| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ | 5 #ifndef SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ |
| 6 #define SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ | 6 #define SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 | 9 |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 43 // CHROME_DEVEL_SANDBOX environment variable used for user-managed builds. If | 43 // CHROME_DEVEL_SANDBOX environment variable used for user-managed builds. If |
| 44 // the sandbox binary cannot be found, it will return an empty FilePath. | 44 // the sandbox binary cannot be found, it will return an empty FilePath. |
| 45 base::FilePath GetSandboxBinaryPath(); | 45 base::FilePath GetSandboxBinaryPath(); |
| 46 | 46 |
| 47 // Modify |cmd_line| to launch via the setuid sandbox. Crash if the setuid | 47 // Modify |cmd_line| to launch via the setuid sandbox. Crash if the setuid |
| 48 // sandbox binary cannot be found. |cmd_line| must not be NULL. | 48 // sandbox binary cannot be found. |cmd_line| must not be NULL. |
| 49 void PrependWrapper(base::CommandLine* cmd_line); | 49 void PrependWrapper(base::CommandLine* cmd_line); |
| 50 | 50 |
| 51 // Set-up the launch options for launching via the setuid sandbox. Caller is | 51 // Set-up the launch options for launching via the setuid sandbox. Caller is |
| 52 // responsible for keeping |dummy_fd| alive until LaunchProcess() completes. | 52 // responsible for keeping |dummy_fd| alive until LaunchProcess() completes. |
| 53 // |options| and |fds_to_remap| must not be NULL. | 53 // |options| must not be NULL. This function will append to |
| 54 // options->fds_to_remap so the caller should take care to append rather than |
| 55 // overwrite if it has additional FDs. |
| 54 // (Keeping |dummy_fd| alive is an unfortunate historical artifact of the | 56 // (Keeping |dummy_fd| alive is an unfortunate historical artifact of the |
| 55 // chrome-sandbox ABI.) | 57 // chrome-sandbox ABI.) |
| 56 void SetupLaunchOptions(base::LaunchOptions* options, | 58 void SetupLaunchOptions(base::LaunchOptions* options, |
| 57 base::FileHandleMappingVector* fds_to_remap, | |
| 58 base::ScopedFD* dummy_fd); | 59 base::ScopedFD* dummy_fd); |
| 59 | 60 |
| 60 // Set-up the environment. This should be done prior to launching the setuid | 61 // Set-up the environment. This should be done prior to launching the setuid |
| 61 // helper. | 62 // helper. |
| 62 void SetupLaunchEnvironment(); | 63 void SetupLaunchEnvironment(); |
| 63 | 64 |
| 64 private: | 65 private: |
| 65 explicit SetuidSandboxHost(std::unique_ptr<base::Environment> env); | 66 explicit SetuidSandboxHost(std::unique_ptr<base::Environment> env); |
| 66 | 67 |
| 67 // Holds the environment. Will never be NULL. | 68 // Holds the environment. Will never be NULL. |
| 68 std::unique_ptr<base::Environment> env_; | 69 std::unique_ptr<base::Environment> env_; |
| 69 | 70 |
| 70 DISALLOW_COPY_AND_ASSIGN(SetuidSandboxHost); | 71 DISALLOW_COPY_AND_ASSIGN(SetuidSandboxHost); |
| 71 }; | 72 }; |
| 72 | 73 |
| 73 } // namespace sandbox | 74 } // namespace sandbox |
| 74 | 75 |
| 75 #endif // SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ | 76 #endif // SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2950153002:
Improve process launch handle sharing API. (Closed)
