Chromium Code Reviews Chromium Code Reviews
Issue 949943003:
In preparation for adding appcontainer token to renderer, these are content side changes. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: content/browser/renderer_host/render_process_host_impl.cc |
| diff --git a/content/browser/renderer_host/render_process_host_impl.cc b/content/browser/renderer_host/render_process_host_impl.cc |
| index 6564c4387af6adf60c5fec2b6075833d5bbef054..8e5f9faf599ef9e2a7ac07b8f5bf77599b6c07af 100644 |
| --- a/content/browser/renderer_host/render_process_host_impl.cc |
| +++ b/content/browser/renderer_host/render_process_host_impl.cc |
| @@ -166,8 +166,10 @@ |
| #if defined(OS_WIN) |
| #include "base/win/scoped_com_initializer.h" |
| +#include "base/win/windows_version.h" |
| #include "content/common/font_cache_dispatcher_win.h" |
| #include "content/common/sandbox_win.h" |
| +#include "sandbox/win/src/sandbox_policy.h" |
| #include "ui/gfx/win/dpi.h" |
| #endif |
| @@ -326,6 +328,20 @@ class RendererSandboxedProcessLauncherDelegate |
| virtual void PreSpawnTarget(sandbox::TargetPolicy* policy, |
| bool* success) { |
| AddBaseHandleClosePolicy(policy); |
| + |
| + if (base::win::GetVersion() >= base::win::VERSION_WIN8) { |
| + // TODO(shrikant): Check if these constants should be different across |
| + // various versions of Chromium code base or could be same. |
| + // If there should be different SID per channel then move this code |
| + // in chrome rather than content and assign SID based on |
| + // VersionInfo::GetChannel(). |
| + const wchar_t kAppContainerSid[] = |
| + L"S-1-15-2-3251537155-1984446955-2931258699-841473695-1938553385-" |
| + L"924012148-129201922"; |
| + |
|
cpu_(ooo_6.6-7.5)
2015/03/02 22:31:32
at least lets have two sids, one for chrome and on
Shrikant Kelkar
2015/03/02 23:03:44
Okay, then actually should I add policy inside
co
|
| + policy->SetLowBox(kAppContainerSid); |
| + } |
| + |
| GetContentClient()->browser()->PreSpawnRenderer(policy, success); |
| } |
