diff options
| author | gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-28 20:17:30 +0000 |
|---|---|---|
| committer | gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-28 20:17:30 +0000 |
| commit | 6affd92124f01ee0eb2b75af96d4ab5576cbccf2 (patch) | |
| tree | 776b9ef00bff93792a329c08dd9b222019c5adb9 /chrome/browser/sandbox_policy.cc | |
| parent | d957b76ce4f0fa477a18998747b0db4324dc5f74 (diff) | |
| download | chromium_src-6affd92124f01ee0eb2b75af96d4ab5576cbccf2.zip chromium_src-6affd92124f01ee0eb2b75af96d4ab5576cbccf2.tar.gz chromium_src-6affd92124f01ee0eb2b75af96d4ab5576cbccf2.tar.bz2 | |
First step towards NaCl-Chrome integration:1. NaCl plugin becomes a built-in plugin in Chrome and runs in the renderer process.2. Most of the changes are related to launching the NaCl process (that loads and runs the NaCl module) and establishing the initial communication between that process and the NaCl plugin.3. Command line flag "--internal-nacl" is required to enable the built-in NaCl plugin. NaCl still cannot run in Chrome sandbox, the flag automatically disables the sandboxCommitted: http://src.chromium.org/viewvc/chrome?view=rev&revision=27315
Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=27324
Review URL: http://codereview.chromium.org/153002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@27397 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/sandbox_policy.cc')
| -rw-r--r-- | chrome/browser/sandbox_policy.cc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/chrome/browser/sandbox_policy.cc b/chrome/browser/sandbox_policy.cc index 13f4ee2..784e5a7 100644 --- a/chrome/browser/sandbox_policy.cc +++ b/chrome/browser/sandbox_policy.cc @@ -359,6 +359,8 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line, type = ChildProcessInfo::PLUGIN_PROCESS; } else if (type_str == switches::kWorkerProcess) { type = ChildProcessInfo::WORKER_PROCESS; + } else if (type_str == switches::kNaClProcess) { + type = ChildProcessInfo::NACL_PROCESS; } else if (type_str == switches::kUtilityProcess) { type = ChildProcessInfo::UTILITY_PROCESS; } else { @@ -371,8 +373,10 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line, (type != ChildProcessInfo::PLUGIN_PROCESS || browser_command_line.HasSwitch(switches::kSafePlugins)); #if !defined (GOOGLE_CHROME_BUILD) - if (browser_command_line.HasSwitch(switches::kInProcessPlugins)) { + if (browser_command_line.HasSwitch(switches::kInProcessPlugins) || + browser_command_line.HasSwitch(switches::kInternalNaCl)) { // In process plugins won't work if the sandbox is enabled. + // The internal NaCl plugin doesn't work in the sandbox for now. in_sandbox = false; } #endif @@ -394,6 +398,8 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line, sandbox::TargetPolicy* policy = broker_service->CreatePolicy(); bool on_sandbox_desktop = false; + // TODO(gregoryd): try locked-down policy for sel_ldr after we fix IMC. + // TODO(gregoryd): do we need a new desktop for sel_ldr? if (type == ChildProcessInfo::PLUGIN_PROCESS) { if (!AddPolicyForPlugin(cmd_line, policy)) return 0; |