diff options
| author | evan@chromium.org <evan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-30 19:47:41 +0000 |
|---|---|---|
| committer | evan@chromium.org <evan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-30 19:47:41 +0000 |
| commit | 39c4e1a8b2343b3883a098a8e0d21fb8bd3204cf (patch) | |
| tree | 456e767833a5abfca7ab89ba2e66c8935cfab1f7 /build | |
| parent | 3cd488a822976fd97aeb7e5237e483100a24fa12 (diff) | |
| download | chromium_src-39c4e1a8b2343b3883a098a8e0d21fb8bd3204cf.zip chromium_src-39c4e1a8b2343b3883a098a8e0d21fb8bd3204cf.tar.gz chromium_src-39c4e1a8b2343b3883a098a8e0d21fb8bd3204cf.tar.bz2 | |
linux: enable seccomp sandbox by default
It seems the best way to keep the seccomp sandbox working is to have
everyone's development environment have it on by default. So we turn
on the seccomp sandbox, but only for non-official builds.
If the build-time flag is set: --disable-seccomp-sandbox turns it off.
If the build-time flag is *not* set: --enable-seccomp-sandbox turns it on.
BUG=36133
Review URL: http://codereview.chromium.org/1558003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43122 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'build')
| -rw-r--r-- | build/common.gypi | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/build/common.gypi b/build/common.gypi index 3b8f20e..2d0902a 100644 --- a/build/common.gypi +++ b/build/common.gypi @@ -208,6 +208,10 @@ # Disable TCMalloc's heapchecker. 'linux_use_heapchecker%': 0, + # Turn on seccomp sandbox by default. + # (Note: this is disabled for official builds.) + 'linux_use_seccomp_sandbox%': 1, + # Set to select the Title Case versions of strings in GRD files. 'use_titlecase_in_grd_files%': 0, @@ -957,6 +961,9 @@ 'cflags': [ '-gstabs' ], 'defines': ['USE_LINUX_BREAKPAD'], }], + ['linux_use_seccomp_sandbox==1 and buildtype!="Official"', { + 'defines': ['USE_SECCOMP_SANDBOX'], + }], ['library=="shared_library"', { # When building with shared libraries, remove the visiblity-hiding # flag. |