components/nacl/browser/nacl_process_host.cc - Issue 338523007: Pepper: Whitelist dev channel APIs for some apps.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/nacl/browser/nacl_process_host.cc

Issue 338523007: Pepper: Whitelist dev channel APIs for some apps. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: gross pnacl hack Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/nacl/browser/nacl_process_host.cc

diff --git a/components/nacl/browser/nacl_process_host.cc b/components/nacl/browser/nacl_process_host.cc

index cbb716c9197524929435a25d6e14e3fcdc3013b2..6a4af07ae5aed4a6db9e26d4fa5adaf4647290bb 100644

--- a/components/nacl/browser/nacl_process_host.cc

+++ b/components/nacl/browser/nacl_process_host.cc

@@ -38,6 +38,8 @@

#include "content/public/browser/browser_ppapi_host.h"

#include "content/public/browser/child_process_data.h"

#include "content/public/browser/plugin_service.h"

+#include "content/public/browser/render_process_host.h"

+#include "content/public/browser/web_contents.h"

#include "content/public/common/child_process_host.h"

#include "content/public/common/content_switches.h"

#include "content/public/common/process_type.h"

@@ -228,16 +230,6 @@ bool ShareHandleToSelLdr(

return true;

}

-ppapi::PpapiPermissions GetNaClPermissions(uint32 permission_bits) {

- // Only allow NaCl plugins to request certain permissions. We don't want

- // a compromised renderer to be able to start a nacl plugin with e.g. Flash

- // permissions which may expand the surface area of the sandbox.

- uint32 masked_bits = permission_bits & ppapi::PERMISSION_DEV;

- if (content::PluginService::GetInstance()->PpapiDevChannelSupported())

- masked_bits |= ppapi::PERMISSION_DEV_CHANNEL;

- return ppapi::PpapiPermissions::GetForCommandLine(masked_bits);

} // namespace

namespace nacl {

@@ -257,6 +249,7 @@ unsigned NaClProcessHost::keepalive_throttle_interval_milliseconds_ =

ppapi::kKeepaliveThrottleIntervalDefaultMilliseconds;

NaClProcessHost::NaClProcessHost(const GURL& manifest_url,

+ ppapi::PpapiPermissions permissions,

int render_view_id,

uint32 permission_bits,

bool uses_irt,

@@ -267,7 +260,7 @@ NaClProcessHost::NaClProcessHost(const GURL& manifest_url,

bool off_the_record,

const base::FilePath& profile_directory)

: manifest_url_(manifest_url),

- permissions_(GetNaClPermissions(permission_bits)),

+ permissions_(permissions),

#if defined(OS_WIN)

process_launched_by_broker_(false),

#endif

« no previous file with comments | « components/nacl/browser/nacl_process_host.h ('k') | components/nacl/common/nacl_types.cc » ('j') | no next file with comments »