Create a class for seccomp-bpf sandboxing in content.

This adds a SandboxSeccompBpf class to centralize Seccomp BPF sandbox
policies inside of content/

LinuxSandbox is the only user of this class and Linux sandboxing is now fully
unified through LinuxSandbox.

BUG=
NOTRY=true

Review URL: https://chromiumcodereview.appspot.com/10843042

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149738 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 2 insertions, 0 deletions

diff --git a/content/browser/zygote_host/zygote_host_impl_linux.cc b/content/browser/zygote_host/zygote_host_impl_linux.cc
index f34df1c..e065273 100644
--- a/content/browser/zygote_host/zygote_host_impl_linux.cc
+++ b/content/browser/zygote_host/zygote_host_impl_linux.cc
@@ -100,11 +100,13 @@ void ZygoteHostImpl::Init(const std::string& sandbox_cmd) {
     switches::kVModule,
     switches::kRegisterPepperPlugins,
     switches::kDisableSeccompSandbox,
+    switches::kDisableSeccompFilterSandbox,
     switches::kEnableSeccompSandbox,
     // Zygote process needs to know what resources to have loaded when it
     // becomes a renderer process.
     switches::kForceDeviceScaleFactor,
     switches::kLoad2xResources,
+    switches::kNoSandbox,
   };
   cmd_line.CopySwitchesFrom(browser_command_line, kForwardSwitches,
                             arraysize(kForwardSwitches));