Index: content/zygote/zygote_main_linux.cc |
diff --git a/content/zygote/zygote_main_linux.cc b/content/zygote/zygote_main_linux.cc |
index d1bd8cc076f44cef02f51a3033507e49a43b722e..183bd0e135712f1a9b377c017fb7de795500f508 100644 |
--- a/content/zygote/zygote_main_linux.cc |
+++ b/content/zygote/zygote_main_linux.cc |
@@ -646,10 +646,14 @@ bool ZygoteMain(const MainFunctionParams& params, |
extra_fds.push_back(sancov_socket_fds[1]); |
#endif |
- int sandbox_flags = linux_sandbox->GetStatus(); |
- bool setuid_sandbox_engaged = sandbox_flags & kSandboxLinuxSUID; |
+ const int sandbox_flags = linux_sandbox->GetStatus(); |
+ |
+ const bool setuid_sandbox_engaged = sandbox_flags & kSandboxLinuxSUID; |
CHECK_EQ(using_setuid_sandbox, setuid_sandbox_engaged); |
+ const bool namespace_sandbox_engaged = sandbox_flags & kSandboxLinuxUserNS; |
+ CHECK_EQ(using_namespace_sandbox, namespace_sandbox_engaged); |
+ |
Zygote zygote(sandbox_flags, fork_delegates.Pass(), extra_children, |
extra_fds); |
// This function call can return multiple times, once per fork(). |