Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(147)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/extensions/api/messaging/native_process_launcher_posix.cc

Issue 304083002: Don't use no_new_privs mode when running NM process on Linux (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/api/messaging/native_process_launcher.h" 5 #include "chrome/browser/extensions/api/messaging/native_process_launcher.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/file_util.h" 8 #include "base/file_util.h"
9 #include "base/files/scoped_file.h" 9 #include "base/files/scoped_file.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
67 if (HANDLE_EINTR(pipe(write_pipe_fds)) != 0) { 67 if (HANDLE_EINTR(pipe(write_pipe_fds)) != 0) {
68 LOG(ERROR) << "Bad write pipe"; 68 LOG(ERROR) << "Bad write pipe";
69 return false; 69 return false;
70 } 70 }
71 base::ScopedFD write_pipe_read_fd(write_pipe_fds[0]); 71 base::ScopedFD write_pipe_read_fd(write_pipe_fds[0]);
72 base::ScopedFD write_pipe_write_fd(write_pipe_fds[1]); 72 base::ScopedFD write_pipe_write_fd(write_pipe_fds[1]);
73 fd_map.push_back(std::make_pair(write_pipe_read_fd.get(), STDIN_FILENO)); 73 fd_map.push_back(std::make_pair(write_pipe_read_fd.get(), STDIN_FILENO));
74 74
75 base::LaunchOptions options; 75 base::LaunchOptions options;
76 options.fds_to_remap = &fd_map; 76 options.fds_to_remap = &fd_map;
77
78 // Don't use no_new_privs mode, e.g. in case the host needs to use sudo.
Lambros 2014/05/29 01:52:28 Is "host" the right terminology?
Sergey Ulanov 2014/05/29 01:57:59 Yes. Native Messaging Host.
79 options.allow_new_privs = true;
jln (very slow on Chromium) 2014/05/29 19:18:58 As discussed in the bug, let's scope this to non C
Sergey Ulanov 2014/05/29 19:57:39 Done.
Sergey Ulanov 2014/05/29 19:59:38 Please note that currently this code is never exec
80
77 if (!base::LaunchProcess(command_line, options, process_handle)) { 81 if (!base::LaunchProcess(command_line, options, process_handle)) {
78 LOG(ERROR) << "Error launching process"; 82 LOG(ERROR) << "Error launching process";
79 return false; 83 return false;
80 } 84 }
81 85
82 // We will not be reading from the write pipe, nor writing from the read pipe. 86 // We will not be reading from the write pipe, nor writing from the read pipe.
83 write_pipe_read_fd.reset(); 87 write_pipe_read_fd.reset();
84 read_pipe_write_fd.reset(); 88 read_pipe_write_fd.reset();
85 89
86 *read_file = base::File(read_pipe_read_fd.release()); 90 *read_file = base::File(read_pipe_read_fd.release());
87 *write_file = base::File(write_pipe_write_fd.release()); 91 *write_file = base::File(write_pipe_write_fd.release());
88 92
89 return true; 93 return true;
90 } 94 }
91 95
92 } // namespace extensions 96 } // namespace extensions
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698