Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(600)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ui/webui/about_ui.cc

Issue 873283004: Add namespace sandbox to about page. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Update comment. Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/app/generated_resources.grd ('k') | content/common/sandbox_linux/sandbox_linux.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/webui/about_ui.h" 5 #include "chrome/browser/ui/webui/about_ui.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <utility> 9 #include <utility>
10 #include <vector> 10 #include <vector>
(...skipping 825 matching lines...) Expand 10 before | Expand all | Expand 10 after
836 AppendBody(&data); 836 AppendBody(&data);
837 base::FilePath binary = base::CommandLine::ForCurrentProcess()->GetProgram(); 837 base::FilePath binary = base::CommandLine::ForCurrentProcess()->GetProgram();
838 data.append(l10n_util::GetStringFUTF8( 838 data.append(l10n_util::GetStringFUTF8(
839 IDS_ABOUT_LINUX_PROXY_CONFIG_BODY, 839 IDS_ABOUT_LINUX_PROXY_CONFIG_BODY,
840 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME), 840 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
841 base::ASCIIToUTF16(binary.BaseName().value()))); 841 base::ASCIIToUTF16(binary.BaseName().value())));
842 AppendFooter(&data); 842 AppendFooter(&data);
843 return data; 843 return data;
844 } 844 }
845 845
846 void AboutSandboxRow(std::string* data, const std::string& prefix, int name_id, 846 void AboutSandboxRow(std::string* data, int name_id, bool good) {
847 bool good) {
848 data->append("<tr><td>"); 847 data->append("<tr><td>");
849 data->append(prefix);
850 data->append(l10n_util::GetStringUTF8(name_id)); 848 data->append(l10n_util::GetStringUTF8(name_id));
851 if (good) { 849 if (good) {
852 data->append("</td><td style='color: green;'>"); 850 data->append("</td><td style='color: green;'>");
853 data->append( 851 data->append(
854 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_YES_BUTTON_LABEL)); 852 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_YES_BUTTON_LABEL));
855 } else { 853 } else {
856 data->append("</td><td style='color: red;'>"); 854 data->append("</td><td style='color: red;'>");
857 data->append( 855 data->append(
858 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_NO_BUTTON_LABEL)); 856 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_NO_BUTTON_LABEL));
859 } 857 }
860 data->append("</td></tr>"); 858 data->append("</td></tr>");
861 } 859 }
862 860
863 std::string AboutSandbox() { 861 std::string AboutSandbox() {
864 std::string data; 862 std::string data;
865 AppendHeader(&data, 0, l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); 863 AppendHeader(&data, 0, l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE));
866 AppendBody(&data); 864 AppendBody(&data);
867 data.append("<h1>"); 865 data.append("<h1>");
868 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); 866 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE));
869 data.append("</h1>"); 867 data.append("</h1>");
870 868
871 // Get expected sandboxing status of renderers. 869 // Get expected sandboxing status of renderers.
872 const int status = content::ZygoteHost::GetInstance()->GetSandboxStatus(); 870 const int status = content::ZygoteHost::GetInstance()->GetSandboxStatus();
873 871
874 data.append("<table>"); 872 data.append("<table>");
875 873
876 AboutSandboxRow(&data, 874 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SUID_SANDBOX,
877 std::string(),
878 IDS_ABOUT_SANDBOX_SUID_SANDBOX,
879 status & content::kSandboxLinuxSUID); 875 status & content::kSandboxLinuxSUID);
880 AboutSandboxRow(&data, "&nbsp;&nbsp;", IDS_ABOUT_SANDBOX_PID_NAMESPACES, 876 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_NAMESPACE_SANDBOX,
877 status & content::kSandboxLinuxUserNS);
878 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_PID_NAMESPACES,
881 status & content::kSandboxLinuxPIDNS); 879 status & content::kSandboxLinuxPIDNS);
882 AboutSandboxRow(&data, "&nbsp;&nbsp;", IDS_ABOUT_SANDBOX_NET_NAMESPACES, 880 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_NET_NAMESPACES,
883 status & content::kSandboxLinuxNetNS); 881 status & content::kSandboxLinuxNetNS);
884 AboutSandboxRow(&data, 882 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX,
885 std::string(),
886 IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX,
887 status & content::kSandboxLinuxSeccompBPF); 883 status & content::kSandboxLinuxSeccompBPF);
888 AboutSandboxRow(&data, 884 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX_TSYNC,
889 std::string(),
890 IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX_TSYNC,
891 status & content::kSandboxLinuxSeccompTSYNC); 885 status & content::kSandboxLinuxSeccompTSYNC);
892 AboutSandboxRow(&data, 886 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_YAMA_LSM,
893 std::string(),
894 IDS_ABOUT_SANDBOX_YAMA_LSM,
895 status & content::kSandboxLinuxYama); 887 status & content::kSandboxLinuxYama);
896 888
897 data.append("</table>"); 889 data.append("</table>");
898 890
899 // The setuid sandbox is required as our first-layer sandbox. 891 // Require either the setuid or namespace sandbox for our first-layer sandbox.
900 bool good_layer1 = status & content::kSandboxLinuxSUID && 892 bool good_layer1 = (status & content::kSandboxLinuxSUID ||
893 status & content::kSandboxLinuxUserNS) &&
901 status & content::kSandboxLinuxPIDNS && 894 status & content::kSandboxLinuxPIDNS &&
902 status & content::kSandboxLinuxNetNS; 895 status & content::kSandboxLinuxNetNS;
903 // A second-layer sandbox is also required to be adequately sandboxed. 896 // A second-layer sandbox is also required to be adequately sandboxed.
904 bool good_layer2 = status & content::kSandboxLinuxSeccompBPF; 897 bool good_layer2 = status & content::kSandboxLinuxSeccompBPF;
905 bool good = good_layer1 && good_layer2; 898 bool good = good_layer1 && good_layer2;
906 899
907 if (good) { 900 if (good) {
908 data.append("<p style='color: green'>"); 901 data.append("<p style='color: green'>");
909 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_OK)); 902 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_OK));
910 } else { 903 } else {
(...skipping 255 matching lines...) Expand 10 before | Expand all | Expand 10 after
1166 Profile* profile = Profile::FromWebUI(web_ui); 1159 Profile* profile = Profile::FromWebUI(web_ui);
1167 1160
1168 #if defined(ENABLE_THEMES) 1161 #if defined(ENABLE_THEMES)
1169 // Set up the chrome://theme/ source. 1162 // Set up the chrome://theme/ source.
1170 ThemeSource* theme = new ThemeSource(profile); 1163 ThemeSource* theme = new ThemeSource(profile);
1171 content::URLDataSource::Add(profile, theme); 1164 content::URLDataSource::Add(profile, theme);
1172 #endif 1165 #endif
1173 1166
1174 content::URLDataSource::Add(profile, new AboutUIHTMLSource(name, profile)); 1167 content::URLDataSource::Add(profile, new AboutUIHTMLSource(name, profile));
1175 } 1168 }
OLDNEW
« no previous file with comments | « chrome/app/generated_resources.grd ('k') | content/common/sandbox_linux/sandbox_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698