diff options
| author | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-06-10 14:50:41 +0000 |
|---|---|---|
| committer | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-06-10 14:50:41 +0000 |
| commit | f5bcd0f0014b1c11efe8dcf77e36ccb3d7fdc957 (patch) | |
| tree | f5dbe479f5837f30b55944b396aa9e50fc9e77ff /sandbox/mac | |
| parent | 2d48653d11bd3856561d73532218fbcad4ce267a (diff) | |
| download | chromium_src-f5bcd0f0014b1c11efe8dcf77e36ccb3d7fdc957.zip chromium_src-f5bcd0f0014b1c11efe8dcf77e36ccb3d7fdc957.tar.gz chromium_src-f5bcd0f0014b1c11efe8dcf77e36ccb3d7fdc957.tar.bz2 | |
Initialize the bootstrap sandbox in the browser process.
This wires up the ChildProcessLauncher and SandboxedProcessLauncherDelegate.
No restrictive policies are currently registered or enforced, i.e. renderers
should not be locked down. However, to keep NPAPI plugins working, an allow-by-
default policy exists.
BUG=367863
R=jam@chromium.org
Review URL: https://codereview.chromium.org/303293002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@276026 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/mac')
| -rw-r--r-- | sandbox/mac/bootstrap_sandbox.cc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sandbox/mac/bootstrap_sandbox.cc b/sandbox/mac/bootstrap_sandbox.cc index b90d8d1..6407c68 100644 --- a/sandbox/mac/bootstrap_sandbox.cc +++ b/sandbox/mac/bootstrap_sandbox.cc @@ -60,7 +60,7 @@ void BootstrapSandbox::RegisterSandboxPolicy( int sandbox_policy_id, const BootstrapSandboxPolicy& policy) { CHECK(IsPolicyValid(policy)); - CHECK_GT(sandbox_policy_id, 0); + CHECK_GT(sandbox_policy_id, kNotAPolicy); base::AutoLock lock(lock_); DCHECK(policies_.find(sandbox_policy_id) == policies_.end()); policies_.insert(std::make_pair(sandbox_policy_id, policy)); @@ -102,8 +102,8 @@ void BootstrapSandbox::FinishedFork(base::ProcessHandle handle) { void BootstrapSandbox::ChildDied(base::ProcessHandle handle) { base::AutoLock lock(lock_); const auto& it = sandboxed_processes_.find(handle); - CHECK(it != sandboxed_processes_.end()); - sandboxed_processes_.erase(it); + if (it != sandboxed_processes_.end()) + sandboxed_processes_.erase(it); } const BootstrapSandboxPolicy* BootstrapSandbox::PolicyForProcess( |