diff options
| author | aberent@chromium.org <aberent@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-13 11:35:15 +0000 |
|---|---|---|
| committer | aberent@chromium.org <aberent@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-03-13 11:35:15 +0000 |
| commit | 121e6138b0b543c38ec66cf0033af96dc75b49a0 (patch) | |
| tree | d0a17305b9fb96bf52cef7b87feae4737cc02e97 /content/browser/plugin_process_host.cc | |
| parent | 33fcc33ec9ef57d98a20911a6cd6f64f91a5d375 (diff) | |
| download | chromium_src-121e6138b0b543c38ec66cf0033af96dc75b49a0.zip chromium_src-121e6138b0b543c38ec66cf0033af96dc75b49a0.tar.gz chromium_src-121e6138b0b543c38ec66cf0033af96dc75b49a0.tar.bz2 | |
Refactor configuration of sandboxes - first steps
See
https://docs.google.com/document/d/1H-hCsIcMsAEP0fWHimbuiNA-Hc9eXEmR94eb-2RQAhA/edit?usp=sharing
for background.
This moves all process type dependent decisions on how to create
Linux processes (not how to sandbox them once created, not Android)
into the launch delegates and makes the arguments to the
ChildProcessLauncher constructor and
BrowserChildProcessHostImpl::Launch OS independent.
BUG=none
Review URL: https://codereview.chromium.org/177863002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@256802 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/browser/plugin_process_host.cc')
| -rw-r--r-- | content/browser/plugin_process_host.cc | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/content/browser/plugin_process_host.cc b/content/browser/plugin_process_host.cc index 21d7fd4..8aa69dd 100644 --- a/content/browser/plugin_process_host.cc +++ b/content/browser/plugin_process_host.cc @@ -36,6 +36,7 @@ #include "content/public/browser/resource_context.h" #include "content/public/common/content_switches.h" #include "content/public/common/process_type.h" +#include "content/public/common/sandboxed_process_launcher_delegate.h" #include "ipc/ipc_switches.h" #include "net/url_request/url_request_context_getter.h" #include "ui/base/ui_base_switches.h" @@ -55,7 +56,6 @@ #if defined(OS_WIN) #include "base/win/windows_version.h" #include "content/common/plugin_constants_win.h" -#include "content/public/common/sandboxed_process_launcher_delegate.h" #include "ui/gfx/switches.h" #endif @@ -77,24 +77,39 @@ void PluginProcessHost::OnPluginWindowDestroyed(HWND window, HWND parent) { void PluginProcessHost::AddWindow(HWND window) { plugin_parent_windows_set_.insert(window); } +#endif // defined(OS_WIN) // NOTE: changes to this class need to be reviewed by the security team. class PluginSandboxedProcessLauncherDelegate : public SandboxedProcessLauncherDelegate { public: - PluginSandboxedProcessLauncherDelegate() {} + explicit PluginSandboxedProcessLauncherDelegate(ChildProcessHost* host) +#if defined(OS_POSIX) + : ipc_fd_(host->TakeClientFileDescriptor()) +#endif // OS_POSIX + {} + virtual ~PluginSandboxedProcessLauncherDelegate() {} - virtual void ShouldSandbox(bool* in_sandbox) OVERRIDE { - *in_sandbox = false; +#if defined(OS_WIN) + virtual bool ShouldSandbox() OVERRIDE { + return false; } +#elif defined(OS_POSIX) + virtual int GetIpcFd() OVERRIDE { + return ipc_fd_; + } +#endif // OS_WIN + private: +#if defined(OS_POSIX) + int ipc_fd_; +#endif // OS_POSIX + DISALLOW_COPY_AND_ASSIGN(PluginSandboxedProcessLauncherDelegate); }; -#endif // defined(OS_WIN) - #if defined(TOOLKIT_GTK) void PluginProcessHost::OnMapNativeViewId(gfx::NativeViewId id, gfx::PluginWindowHandle* output) { @@ -246,13 +261,7 @@ bool PluginProcessHost::Init(const WebPluginInfo& info) { #endif process_->Launch( -#if defined(OS_WIN) - new PluginSandboxedProcessLauncherDelegate, - false, -#elif defined(OS_POSIX) - false, - env, -#endif + new PluginSandboxedProcessLauncherDelegate(process_->GetHost()), cmd_line); // The plugin needs to be shutdown gracefully, i.e. NP_Shutdown needs to be |