diff options
| author | jln <jln@chromium.org> | 2014-09-11 20:28:19 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2014-09-12 03:33:06 +0000 |
| commit | ae158f413c703c2f60665ba28f078216ec47ad50 (patch) | |
| tree | b7d6a85230f701fa51dc3e7f8371d9094cb40952 /components/nacl | |
| parent | e85f5c68ba2514eab50abc2fabcca6e946d10a2e (diff) | |
| download | chromium_src-ae158f413c703c2f60665ba28f078216ec47ad50.zip chromium_src-ae158f413c703c2f60665ba28f078216ec47ad50.tar.gz chromium_src-ae158f413c703c2f60665ba28f078216ec47ad50.tar.bz2 | |
Linux sandbox: restrict {get,set}priority in NaCl and renderers.
In NaCl processes and renderers, getpriority and setpriority are now
only allowed if they are using PRIO_PROCESS and |who| is either
the current process or 0.
BUG=399473
Review URL: https://codereview.chromium.org/552013006
Cr-Commit-Position: refs/heads/master@{#294535}
Diffstat (limited to 'components/nacl')
| -rw-r--r-- | components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc index a649030..862b272 100644 --- a/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc +++ b/components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc @@ -92,7 +92,6 @@ sandbox::ErrorCode NaClBPFSandboxPolicy::EvaluateSyscall( case __NR_sched_getparam: case __NR_sched_getscheduler: case __NR_sched_setscheduler: - case __NR_setpriority: case __NR_sysinfo: // __NR_times needed as clock() is called by CommandBufferHelper, which is // used by NaCl applications that use Pepper's 3D interfaces. |