diff options
| author | mdempsky <mdempsky@chromium.org> | 2015-02-04 19:29:25 -0800 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-02-05 03:30:32 +0000 |
| commit | 3cc942a3dfecc18e0b20fdc509a9608644b67036 (patch) | |
| tree | 01e8d5629705e231e91b5a2079dd5deb6d1de0bf /components | |
| parent | 88444c0bae2e77ab555a81a727d5ffa49500adf2 (diff) | |
| download | chromium_src-3cc942a3dfecc18e0b20fdc509a9608644b67036.zip chromium_src-3cc942a3dfecc18e0b20fdc509a9608644b67036.tar.gz chromium_src-3cc942a3dfecc18e0b20fdc509a9608644b67036.tar.bz2 | |
sandbox: extract SetuidSandboxHost code from SetuidSandboxClient
This separates the code used to "host" the setuid sandbox binary from
the code used to run underneath it (i.e., the client). The primary
motivation for this is so that lightweight clients (e.g., the BMM
non-SFI sandbox) can avoid all of the additional dependencies required
only for hosting the setuid sandbox.
TBR=mseaborn@chromium.org,nasko@chromium.org
BUG=455087
Review URL: https://codereview.chromium.org/877153005
Cr-Commit-Position: refs/heads/master@{#314734}
Diffstat (limited to 'components')
| -rw-r--r-- | components/nacl/zygote/nacl_fork_delegate_linux.cc | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/components/nacl/zygote/nacl_fork_delegate_linux.cc b/components/nacl/zygote/nacl_fork_delegate_linux.cc index e424d2e..6544425 100644 --- a/components/nacl/zygote/nacl_fork_delegate_linux.cc +++ b/components/nacl/zygote/nacl_fork_delegate_linux.cc @@ -35,7 +35,7 @@ #include "components/nacl/loader/nacl_helper_linux.h" #include "content/public/common/content_descriptors.h" #include "content/public/common/content_switches.h" -#include "sandbox/linux/suid/client/setuid_sandbox_client.h" +#include "sandbox/linux/suid/client/setuid_sandbox_host.h" #include "sandbox/linux/suid/common/sandbox.h" namespace { @@ -146,8 +146,8 @@ void NaClForkDelegate::Init(const int sandboxdesc, return; } - scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client( - sandbox::SetuidSandboxClient::Create()); + scoped_ptr<sandbox::SetuidSandboxHost> setuid_sandbox_host( + sandbox::SetuidSandboxHost::Create()); // For communications between the NaCl loader process and // the SUID sandbox. @@ -242,12 +242,10 @@ void NaClForkDelegate::Init(const int sandboxdesc, if (enable_layer1_sandbox) { // NaCl needs to keep tight control of the cmd_line, so prepend the // setuid sandbox wrapper manually. - base::FilePath sandbox_path = - setuid_sandbox_client->GetSandboxBinaryPath(); + base::FilePath sandbox_path = setuid_sandbox_host->GetSandboxBinaryPath(); argv_to_launch.insert(argv_to_launch.begin(), sandbox_path.value()); - setuid_sandbox_client->SetupLaunchOptions( - &options, &fds_to_map, &dummy_fd); - setuid_sandbox_client->SetupLaunchEnvironment(); + setuid_sandbox_host->SetupLaunchOptions(&options, &fds_to_map, &dummy_fd); + setuid_sandbox_host->SetupLaunchEnvironment(); } options.fds_to_remap = &fds_to_map; |