| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/about_ui.h" | 5 #include "chrome/browser/ui/webui/about_ui.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 657 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 668 AppendBody(&data); | 668 AppendBody(&data); |
| 669 base::FilePath binary = base::CommandLine::ForCurrentProcess()->GetProgram(); | 669 base::FilePath binary = base::CommandLine::ForCurrentProcess()->GetProgram(); |
| 670 data.append(l10n_util::GetStringFUTF8( | 670 data.append(l10n_util::GetStringFUTF8( |
| 671 IDS_ABOUT_LINUX_PROXY_CONFIG_BODY, | 671 IDS_ABOUT_LINUX_PROXY_CONFIG_BODY, |
| 672 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME), | 672 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME), |
| 673 base::ASCIIToUTF16(binary.BaseName().value()))); | 673 base::ASCIIToUTF16(binary.BaseName().value()))); |
| 674 AppendFooter(&data); | 674 AppendFooter(&data); |
| 675 return data; | 675 return data; |
| 676 } | 676 } |
| 677 | 677 |
| 678 void AboutSandboxRow(std::string* data, const std::string& prefix, int name_id, | 678 void AboutSandboxRow(std::string* data, int name_id, bool good) { |
| 679 bool good) { | |
| 680 data->append("<tr><td>"); | 679 data->append("<tr><td>"); |
| 681 data->append(prefix); | |
| 682 data->append(l10n_util::GetStringUTF8(name_id)); | 680 data->append(l10n_util::GetStringUTF8(name_id)); |
| 683 if (good) { | 681 if (good) { |
| 684 data->append("</td><td style='color: green;'>"); | 682 data->append("</td><td style='color: green;'>"); |
| 685 data->append( | 683 data->append( |
| 686 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_YES_BUTTON_LABEL)); | 684 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_YES_BUTTON_LABEL)); |
| 687 } else { | 685 } else { |
| 688 data->append("</td><td style='color: red;'>"); | 686 data->append("</td><td style='color: red;'>"); |
| 689 data->append( | 687 data->append( |
| 690 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_NO_BUTTON_LABEL)); | 688 l10n_util::GetStringUTF8(IDS_CONFIRM_MESSAGEBOX_NO_BUTTON_LABEL)); |
| 691 } | 689 } |
| 692 data->append("</td></tr>"); | 690 data->append("</td></tr>"); |
| 693 } | 691 } |
| 694 | 692 |
| 695 std::string AboutSandbox() { | 693 std::string AboutSandbox() { |
| 696 std::string data; | 694 std::string data; |
| 697 AppendHeader(&data, 0, l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); | 695 AppendHeader(&data, 0, l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); |
| 698 AppendBody(&data); | 696 AppendBody(&data); |
| 699 data.append("<h1>"); | 697 data.append("<h1>"); |
| 700 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); | 698 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_TITLE)); |
| 701 data.append("</h1>"); | 699 data.append("</h1>"); |
| 702 | 700 |
| 703 // Get expected sandboxing status of renderers. | 701 // Get expected sandboxing status of renderers. |
| 704 const int status = content::ZygoteHost::GetInstance()->GetSandboxStatus(); | 702 const int status = content::ZygoteHost::GetInstance()->GetSandboxStatus(); |
| 705 | 703 |
| 706 data.append("<table>"); | 704 data.append("<table>"); |
| 707 | 705 |
| 708 AboutSandboxRow(&data, | 706 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SUID_SANDBOX, |
| 709 std::string(), | |
| 710 IDS_ABOUT_SANDBOX_SUID_SANDBOX, | |
| 711 status & content::kSandboxLinuxSUID); | 707 status & content::kSandboxLinuxSUID); |
| 712 AboutSandboxRow(&data, " ", IDS_ABOUT_SANDBOX_PID_NAMESPACES, | 708 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_NAMESPACE_SANDBOX, |
| 709 status & content::kSandboxLinuxUserNS); |
| 710 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_PID_NAMESPACES, |
| 713 status & content::kSandboxLinuxPIDNS); | 711 status & content::kSandboxLinuxPIDNS); |
| 714 AboutSandboxRow(&data, " ", IDS_ABOUT_SANDBOX_NET_NAMESPACES, | 712 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_NET_NAMESPACES, |
| 715 status & content::kSandboxLinuxNetNS); | 713 status & content::kSandboxLinuxNetNS); |
| 716 AboutSandboxRow(&data, | 714 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX, |
| 717 std::string(), | |
| 718 IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX, | |
| 719 status & content::kSandboxLinuxSeccompBPF); | 715 status & content::kSandboxLinuxSeccompBPF); |
| 720 AboutSandboxRow(&data, | 716 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX_TSYNC, |
| 721 std::string(), | |
| 722 IDS_ABOUT_SANDBOX_SECCOMP_BPF_SANDBOX_TSYNC, | |
| 723 status & content::kSandboxLinuxSeccompTSYNC); | 717 status & content::kSandboxLinuxSeccompTSYNC); |
| 724 AboutSandboxRow(&data, | 718 AboutSandboxRow(&data, IDS_ABOUT_SANDBOX_YAMA_LSM, |
| 725 std::string(), | |
| 726 IDS_ABOUT_SANDBOX_YAMA_LSM, | |
| 727 status & content::kSandboxLinuxYama); | 719 status & content::kSandboxLinuxYama); |
| 728 | 720 |
| 729 data.append("</table>"); | 721 data.append("</table>"); |
| 730 | 722 |
| 731 // The setuid sandbox is required as our first-layer sandbox. | 723 // Require either the setuid or namespace sandbox for our first-layer sandbox. |
| 732 bool good_layer1 = status & content::kSandboxLinuxSUID && | 724 bool good_layer1 = (status & content::kSandboxLinuxSUID || |
| 725 status & content::kSandboxLinuxUserNS) && |
| 733 status & content::kSandboxLinuxPIDNS && | 726 status & content::kSandboxLinuxPIDNS && |
| 734 status & content::kSandboxLinuxNetNS; | 727 status & content::kSandboxLinuxNetNS; |
| 735 // A second-layer sandbox is also required to be adequately sandboxed. | 728 // A second-layer sandbox is also required to be adequately sandboxed. |
| 736 bool good_layer2 = status & content::kSandboxLinuxSeccompBPF; | 729 bool good_layer2 = status & content::kSandboxLinuxSeccompBPF; |
| 737 bool good = good_layer1 && good_layer2; | 730 bool good = good_layer1 && good_layer2; |
| 738 | 731 |
| 739 if (good) { | 732 if (good) { |
| 740 data.append("<p style='color: green'>"); | 733 data.append("<p style='color: green'>"); |
| 741 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_OK)); | 734 data.append(l10n_util::GetStringUTF8(IDS_ABOUT_SANDBOX_OK)); |
| 742 } else { | 735 } else { |
| (...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 996 Profile* profile = Profile::FromWebUI(web_ui); | 989 Profile* profile = Profile::FromWebUI(web_ui); |
| 997 | 990 |
| 998 #if defined(ENABLE_THEMES) | 991 #if defined(ENABLE_THEMES) |
| 999 // Set up the chrome://theme/ source. | 992 // Set up the chrome://theme/ source. |
| 1000 ThemeSource* theme = new ThemeSource(profile); | 993 ThemeSource* theme = new ThemeSource(profile); |
| 1001 content::URLDataSource::Add(profile, theme); | 994 content::URLDataSource::Add(profile, theme); |
| 1002 #endif | 995 #endif |
| 1003 | 996 |
| 1004 content::URLDataSource::Add(profile, new AboutUIHTMLSource(name, profile)); | 997 content::URLDataSource::Add(profile, new AboutUIHTMLSource(name, profile)); |
| 1005 } | 998 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 916153003:
Add namespace sandbox to about page. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master