Index: sandbox/linux/services/credentials.h |
diff --git a/sandbox/linux/services/credentials.h b/sandbox/linux/services/credentials.h |
index 83f2c7084e51a35b99fad33d3b71d31391056824..037dfb7c44570fb81f2c16e1faf0a1f2c9b5b484 100644 |
--- a/sandbox/linux/services/credentials.h |
+++ b/sandbox/linux/services/credentials.h |
@@ -49,6 +49,13 @@ class SANDBOX_EXPORT Credentials { |
const std::vector<LinuxCapability>& caps) |
WARN_UNUSED_RESULT; |
+ // Versions of the above functions which do not check that the process is |
+ // single-threaded. After calling these functions, capabilities of other |
+ // threads will not be changed. |
+ static bool DropAllCapabilitiesOnCurrentThread() WARN_UNUSED_RESULT; |
+ static bool SetCapabilitiesOnCurrentThread( |
+ const std::vector<LinuxCapability>& caps) WARN_UNUSED_RESULT; |
+ |
// Returns true if the current thread has either the effective, permitted, or |
// inheritable flag set for the given capability. |
static bool HasCapability(LinuxCapability cap); |