Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(364)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/installer/linux/common/wrapper

Issue 314133003: Sanitize standard file descriptors in launcher script (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/installer/linux/common/wrapper
diff --git a/chrome/installer/linux/common/wrapper b/chrome/installer/linux/common/wrapper
index e174637c52f595c7856f820858996f7724211205..d06b6741442a284a0e058b05a52de12de8f795ba 100755
--- a/chrome/installer/linux/common/wrapper
+++ b/chrome/installer/linux/common/wrapper
@@ -73,6 +73,12 @@ if [[ -n "$CHROME_USER_DATA_DIR" ]]; then
PROFILE_DIRECTORY_FLAG="--user-data-dir=$CHROME_USER_DATA_DIR"
fi
+# Sanitize std{in,out,err} because they'll be shared with untrusted child
+# processes (http://crbug.com/376567).
+exec < /dev/null
+exec > >(exec cat)
Lei Zhang 2014/06/05 19:04:27 bash on my machine doesn't seem to recognize this
Lei Zhang 2014/06/05 19:05:32 Err, n/m, ran it with the wrong shell.
+exec 2> >(exec cat >&2)
+
# Note: exec -a below is a bashism.
exec -a "$0" "$HERE/@@PROGNAME@@" @@DEFAULT_FLAGS@@ "$PROFILE_DIRECTORY_FLAG" \
"$@"
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698