Chromium Code Reviews Chromium Code Reviews
Issue
347783002:
Alter the design of the bootstrap sandbox to only take over the bootstrap port of children when nec… (Closed)
DescriptionAlter the design of the bootstrap sandbox to only take over the bootstrap port of children when necessary.
Rather than replacing the bootstrap port outright in the browser process, this
change merely registers the sandboxed bootstrap port with launchd. When a
sandboxed child is being launched with base::LaunchProcess(), a new
LaunchOptions can specify a bootstrap name to look up and use as a replacement
bootstrap port.
The bootstrap port in the new child is replaced after fork() but before exec().
The kernel clears the IPC space during both of these system calls, so no other
references to the original bootstrap port will exist after replacing the port
with the sandboxed one and exec()ing.
This change also partially reverts r276026, which introduced a permissive
policy for NPAPI plugins. Since those plugins are no longer affected by the
bootstrap sandbox, it can be removed.
BUG=367863, 383513, 383517, 383791, 386330
R=jam@chromium.org, mark@chromium.org
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=278530
Patch Set 1 #Patch Set 2 : bootstrap_check_in #
Total comments: 4
Patch Set 3 : Address comments #
Messages
Total messages: 6 (0 generated)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
