Revert of Define a bootstrap sandbox policy for renderer processes and enable it.

content/browser/mach_broker_mac.mm

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/mach_broker_mac.h"
 
 #include <bsm/libbsm.h>
 #include <servers/bootstrap.h>
 
 #include "base/bind.h"
@@ skipping 114 matching lines @@
  private:
   // The MachBroker to use when new child task rights are received.  Can be
   // NULL.
   MachBroker* broker_;  // weak
 
   base::mac::ScopedMachReceiveRight server_port_;
 
   DISALLOW_COPY_AND_ASSIGN(MachListenerThreadDelegate);
 };
 
-// static
 bool MachBroker::ChildSendTaskPortToParent() {
   // Look up the named MachBroker port that's been registered with the
   // bootstrap server.
   mach_port_t parent_port;
   kern_return_t kr = bootstrap_look_up(bootstrap_port,
       const_cast<char*>(GetMachPortName().c_str()), &parent_port);
   if (kr != KERN_SUCCESS) {
     BOOTSTRAP_LOG(ERROR, kr) << "bootstrap_look_up";
     return false;
   }
@@ skipping 15 matching lines @@
   kr = mach_msg(&msg.header, MACH_SEND_MSG | MACH_SEND_TIMEOUT, sizeof(msg),
       0, MACH_PORT_NULL, 100 /*milliseconds*/, MACH_PORT_NULL);
   if (kr != KERN_SUCCESS) {
     MACH_LOG(ERROR, kr) << "mach_msg";
     return false;
   }
 
   return true;
 }
 
-// static
-std::string MachBroker::GetMachPortName() {
-  const CommandLine* command_line = CommandLine::ForCurrentProcess();
-  const bool is_child = command_line->HasSwitch(switches::kProcessType);
-
-  // In non-browser (child) processes, use the parent's pid.
-  const pid_t pid = is_child ? getppid() : getpid();
-  return base::StringPrintf("%s.rohitfork.%d", base::mac::BaseBundleID(), pid);
-}
-
-// static
 MachBroker* MachBroker::GetInstance() {
   return Singleton<MachBroker, LeakySingletonTraits<MachBroker> >::get();
 }
 
 base::Lock& MachBroker::GetLock() {
   return lock_;
 }
 
 void MachBroker::EnsureRunning() {
   lock_.AssertAcquired();
@@ skipping 87 matching lines @@
   MachBroker::MachMap::iterator it = mach_map_.find(pid);
   if (it == mach_map_.end())
     return;
 
   kern_return_t kr = mach_port_deallocate(mach_task_self(),
                                           it->second);
   MACH_LOG_IF(WARNING, kr != KERN_SUCCESS, kr) << "mach_port_deallocate";
   mach_map_.erase(it);
 }
 
+// static
+std::string MachBroker::GetMachPortName() {
+  const CommandLine* command_line = CommandLine::ForCurrentProcess();
+  const bool is_child = command_line->HasSwitch(switches::kProcessType);
+
+  // In non-browser (child) processes, use the parent's pid.
+  const pid_t pid = is_child ? getppid() : getpid();
+  return base::StringPrintf("%s.rohitfork.%d", base::mac::BaseBundleID(), pid);
+}
+
 void MachBroker::RegisterNotifications() {
   registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_CLOSED,
                  NotificationService::AllBrowserContextsAndSources());
   registrar_.Add(this, NOTIFICATION_RENDERER_PROCESS_TERMINATED,
                  NotificationService::AllBrowserContextsAndSources());
 
   // No corresponding StopObservingBrowserChildProcesses,
   // we leak this singleton.
   BrowserChildProcessObserver::Add(this);
 }
 
 }  // namespace content