| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/messaging/native_process_launcher.h" | 5 #include "chrome/browser/extensions/api/messaging/native_process_launcher.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/file_util.h" | 8 #include "base/file_util.h" |
| 9 #include "base/files/scoped_file.h" | 9 #include "base/files/scoped_file.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/path_service.h" | 11 #include "base/path_service.h" |
| 12 #include "base/posix/eintr_wrapper.h" | 12 #include "base/posix/eintr_wrapper.h" |
| 13 #include "base/process/launch.h" | 13 #include "base/process/launch.h" |
| 14 #include "build/build_config.h" |
| 14 #include "chrome/common/chrome_paths.h" | 15 #include "chrome/common/chrome_paths.h" |
| 15 | 16 |
| 16 namespace extensions { | 17 namespace extensions { |
| 17 | 18 |
| 18 namespace { | 19 namespace { |
| 19 | 20 |
| 20 base::FilePath FindManifestInDir(int dir_key, const std::string& host_name) { | 21 base::FilePath FindManifestInDir(int dir_key, const std::string& host_name) { |
| 21 base::FilePath base_path; | 22 base::FilePath base_path; |
| 22 if (PathService::Get(dir_key, &base_path)) { | 23 if (PathService::Get(dir_key, &base_path)) { |
| 23 base::FilePath path = base_path.Append(host_name + ".json"); | 24 base::FilePath path = base_path.Append(host_name + ".json"); |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 if (HANDLE_EINTR(pipe(write_pipe_fds)) != 0) { | 68 if (HANDLE_EINTR(pipe(write_pipe_fds)) != 0) { |
| 68 LOG(ERROR) << "Bad write pipe"; | 69 LOG(ERROR) << "Bad write pipe"; |
| 69 return false; | 70 return false; |
| 70 } | 71 } |
| 71 base::ScopedFD write_pipe_read_fd(write_pipe_fds[0]); | 72 base::ScopedFD write_pipe_read_fd(write_pipe_fds[0]); |
| 72 base::ScopedFD write_pipe_write_fd(write_pipe_fds[1]); | 73 base::ScopedFD write_pipe_write_fd(write_pipe_fds[1]); |
| 73 fd_map.push_back(std::make_pair(write_pipe_read_fd.get(), STDIN_FILENO)); | 74 fd_map.push_back(std::make_pair(write_pipe_read_fd.get(), STDIN_FILENO)); |
| 74 | 75 |
| 75 base::LaunchOptions options; | 76 base::LaunchOptions options; |
| 76 options.fds_to_remap = &fd_map; | 77 options.fds_to_remap = &fd_map; |
| 78 |
| 79 #if defined(OS_LINUX) && !defined(OS_CHROMEOS) |
| 80 // Don't use no_new_privs mode, e.g. in case the host needs to use sudo. |
| 81 options.allow_new_privs = true; |
| 82 #endif |
| 83 |
| 77 if (!base::LaunchProcess(command_line, options, process_handle)) { | 84 if (!base::LaunchProcess(command_line, options, process_handle)) { |
| 78 LOG(ERROR) << "Error launching process"; | 85 LOG(ERROR) << "Error launching process"; |
| 79 return false; | 86 return false; |
| 80 } | 87 } |
| 81 | 88 |
| 82 // We will not be reading from the write pipe, nor writing from the read pipe. | 89 // We will not be reading from the write pipe, nor writing from the read pipe. |
| 83 write_pipe_read_fd.reset(); | 90 write_pipe_read_fd.reset(); |
| 84 read_pipe_write_fd.reset(); | 91 read_pipe_write_fd.reset(); |
| 85 | 92 |
| 86 *read_file = base::File(read_pipe_read_fd.release()); | 93 *read_file = base::File(read_pipe_read_fd.release()); |
| 87 *write_file = base::File(write_pipe_write_fd.release()); | 94 *write_file = base::File(write_pipe_write_fd.release()); |
| 88 | 95 |
| 89 return true; | 96 return true; |
| 90 } | 97 } |
| 91 | 98 |
| 92 } // namespace extensions | 99 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 304083002:
Don't use no_new_privs mode when running NM process on Linux (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src