Google Git
Sign in
chromium / chromium / src.git / 715b4f26c39acb45471ce5c86238c12d0d3ec815^! / . / chrome / browser / zygote_main_linux.cc
commit715b4f26c39acb45471ce5c86238c12d0d3ec815[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Tue Jul 13 14:17:28 2010
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Tue Jul 13 14:17:28 2010
tree9325d73f1cdf7a732fcfbddf2aab688cbf326135
parent12a32ce36874cef26bd5e8b0b64e8a0961b36db2 [diff] [blame]
Add about:sandbox.

(Idea from Julien Tinnes)

BUG=none
TEST=Navigate to about:sandbox on Linux and see the status of the sandbox.

http://codereview.chromium.org/2966003/show

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52176 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/chrome/browser/zygote_main_linux.cc b/chrome/browser/zygote_main_linux.cc
index 1dbbbf5..5717390 100644
--- a/chrome/browser/zygote_main_linux.cc
+++ b/chrome/browser/zygote_main_linux.cc

@@ -93,6 +93,10 @@
 // runs it.
 class Zygote {
  public:
+  explicit Zygote(int sandbox_flags)
+      : sandbox_flags_(sandbox_flags) {
+  }
+
   bool ProcessRequests() {
     // A SOCK_SEQPACKET socket is installed in fd 3. We get commands from the
     // browser on it.
@@ -166,6 +170,9 @@
             break;
           HandleDidProcessCrash(fd, pickle, iter);
           return false;
+        case ZygoteHost::kCmdGetSandboxStatus:
+          HandleGetSandboxStatus(fd, pickle, iter);
+          return false;
         default:
           NOTREACHED();
           break;
@@ -351,11 +358,22 @@
     return false;
   }
 
+  bool HandleGetSandboxStatus(int fd, const Pickle& pickle, void* iter) {
+    if (HANDLE_EINTR(write(fd, &sandbox_flags_, sizeof(sandbox_flags_)) !=
+                     sizeof(sandbox_flags_))) {
+      PLOG(ERROR) << "write";
+    }
+
+    return false;
+  }
+
   // In the SUID sandbox, we try to use a new PID namespace. Thus the PIDs
   // fork() returns are not the real PIDs, so we need to map the Real PIDS
   // into the sandbox PID namespace.
   typedef base::hash_map<base::ProcessHandle, base::ProcessHandle> ProcessMap;
   ProcessMap real_pids_to_sandbox_pids;
+
+  const int sandbox_flags_;
 };
 
 // With SELinux we can carve out a precise sandbox, so we don't have to play
@@ -655,6 +673,14 @@
     return false;
   }
 
+  int sandbox_flags = 0;
+  if (getenv("SBX_D"))
+    sandbox_flags |= ZygoteHost::kSandboxSUID;
+  if (getenv("SBX_PID_NS"))
+    sandbox_flags |= ZygoteHost::kSandboxPIDNS;
+  if (getenv("SBX_NET_NS"))
+    sandbox_flags |= ZygoteHost::kSandboxNetNS;
+
 #if defined(SECCOMP_SANDBOX)
   // The seccomp sandbox will be turned on when the renderers start. But we can
   // already check if sufficient support is available so that we only need to
@@ -670,11 +696,12 @@
                     "sandboxing disabled.";
     } else {
       LOG(INFO) << "Enabling experimental Seccomp sandbox.";
+      sandbox_flags |= ZygoteHost::kSandboxSeccomp;
     }
   }
 #endif  // SECCOMP_SANDBOX
 
-  Zygote zygote;
+  Zygote zygote(sandbox_flags);
   // This function call can return multiple times, once per fork().
   return zygote.ProcessRequests();
 }