-rw-r--r-- | build/common.gypi | 13 | ||||
-rw-r--r-- | chrome/browser/zygote_host_linux.cc | 17 | ||||
-rw-r--r-- | chrome/chrome.gyp | 5 | ||||
-rw-r--r-- | sandbox/linux/suid/sandbox.cc | 11 | ||||
-rw-r--r-- | sandbox/sandbox.gyp | 3 |
5 files changed, 38 insertions, 11 deletions
diff --git a/build/common.gypi b/build/common.gypi index 4cd33e1..c19713b 100644 --- a/build/common.gypi +++ b/build/common.gypi @@ -90,7 +90,18 @@ # # Developers should read # http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment - 'linux_suid_sandbox_restrictions': 'Path', + 'linux_suid_sandbox_restrictions%': 'Path', + + # This is the location of the sandbox binary. Chrome looks for this before + # running the zygote process. If found, and SUID, it will be used to + # sandbox the zygote process and, thus, all renderer processes. + 'linux_sandbox_path%': '', + + # If |linux_suid_sandbox_restrictions|, above, is 'Path' then only a single + # path is allowed to be exec'ed by the sandbox for security reasons. That + # path is set here. It should be the final location of the Chromium binary + # on the system. + 'linux_sandbox_chrome_path%': '/opt/google/chrome/chrome', }, 'target_defaults': { 'conditions': [ diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc index fc8b981..dad473b 100644 --- a/chrome/browser/zygote_host_linux.cc +++ b/chrome/browser/zygote_host_linux.cc @@ -22,13 +22,6 @@ #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_switches.h" -// Previously we just looked for the binary next to the Chromium binary. But -// this breaks people who do a build-all. -// NOTE packagers: change this. - -// static const char kSandboxBinary[] = "/opt/google/chrome/chrome-sandbox"; -static const char kSandboxBinary[] = "/false"; - ZygoteHost::ZygoteHost() { std::wstring chrome_path; CHECK(PathService::Get(base::FILE_EXE, &chrome_path)); 
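Review bot: The comment on `linux_sandbox_path%` does not say what the empty default means. Going by the chrome.gyp condition in this commit, an empty value leaves `LINUX_SANDBOX_PATH` undefined, so the browser can only pick up a sandbox through `CHROME_DEVEL_SANDBOX`. I would add a line such as `# Leave empty to build without a compiled-in sandbox path; packagers must set this.` under the existing comment, and note that it is normally set together with `linux_sandbox_chrome_path`.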
@@ -51,15 +44,21 @@ ZygoteHost::ZygoteHost() { const char* sandbox_binary = NULL; struct stat st; + + // In Chromium branded builds, developers can set an environment variable to + // use the development sandbox. See + // http://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment if (stat("/proc/self/exe", &st) == 0 && st.st_uid == getuid()) { sandbox_binary = getenv("CHROME_DEVEL_SANDBOX"); } +#if defined(LINUX_SANDBOX_PATH) if (!sandbox_binary) - sandbox_binary = kSandboxBinary; + sandbox_binary = LINUX_SANDBOX_PATH; +#endif - if (stat(sandbox_binary, &st) == 0) { + if (sandbox_binary && stat(sandbox_binary, &st) == 0) { if (access(sandbox_binary, X_OK) == 0 && (st.st_mode & S_ISUID) && (st.st_mode & S_IXOTH)) { diff --git a/chrome/chrome.gyp b/chrome/chrome.gyp index 3cee1388..cb3b0a2 100644 --- a/chrome/chrome.gyp +++ b/chrome/chrome.gyp @@ -1858,6 +1858,11 @@ 'app/breakpad_linux.h', ], }], + ['linux_sandbox_path != ""', { + 'defines': [ + 'LINUX_SANDBOX_PATH="<(linux_sandbox_path)"', + ], + }], ], }], ['OS=="linux" and toolkit_views==0', { diff --git a/sandbox/linux/suid/sandbox.cc b/sandbox/linux/suid/sandbox.cc index ea53406..a2332d8 100644 --- a/sandbox/linux/suid/sandbox.cc +++ b/sandbox/linux/suid/sandbox.cc @@ -25,7 +25,16 @@ #define CLONE_NEWPID 0x20000000 #endif -static const char kChromeBinary[] = "/opt/google/chrome/chrome"; +#if !defined(LINUX_SANDBOX_CHROME_PATH) && \ + !defined(CHROME_DEVEL_SANDBOX) +#error LINUX_SANDBOX_CHROME_PATH must be defined to be the location of the \ + Chrome binary, or CHROME_DEVEL_SANDBOX must be defined +#endif + +#if defined(LINUX_SANDBOX_CHROME_PATH) +static const char kChromeBinary[] = LINUX_SANDBOX_CHROME_PATH; +#endif + static const char kSandboxDescriptorEnvironmentVarName[] = "SBX_D"; // These are the magic byte values which the sandboxed process uses to request diff --git a/sandbox/sandbox.gyp b/sandbox/sandbox.gyp index 76e5dd3..6ca2cef 100644 --- a/sandbox/sandbox.gyp +++ b/sandbox/sandbox.gyp 
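Review bot: When `LINUX_SANDBOX_PATH` is undefined and `CHROME_DEVEL_SANDBOX` is unset, `sandbox_binary` stays NULL and the new `if (sandbox_binary && stat(sandbox_binary, &st) == 0)` is skipped without any message, so a default build appears to start the zygote unsandboxed and nothing records it. If the code after the hunk does not already report this, I would add a branch along the lines of `else { LOG(WARNING) << "SUID sandbox binary not found; zygote will not be sandboxed"; }`. The added comment also speaks of branded builds, while the condition under it tests the ownership of `/proc/self/exe`; the comment should describe that check and why it gates the environment variable. The constructor continues outside the hunk.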
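Review bot: The `#error` guard in sandbox.cc accepts `CHROME_DEVEL_SANDBOX` as a preprocessor macro, but nothing in this commit defines it, and zygote_host_linux.cc uses the same name for an environment variable. When only that macro is set, `kChromeBinary` is not declared, so every use of it further down the file (outside this hunk) has to sit under the same `#if defined(LINUX_SANDBOX_CHROME_PATH)`. I would add a comment above the guard that names the build target which defines `CHROME_DEVEL_SANDBOX` and states that it is separate from the environment variable read by the browser.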
@@ -19,6 +19,9 @@
 },
 ],
 ],
+ 'defines': [
+ 'LINUX_SANDBOX_CHROME_PATH="<(linux_sandbox_chrome_path)"',
+ ],
 'sources': [
 'linux/suid/sandbox.cc',
 ], |
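Review bot: The `LINUX_SANDBOX_CHROME_PATH` define is added unconditionally here, unlike the chrome.gyp hunk, which guards its define on `linux_sandbox_path != ""`. As a result the new `#error` in sandbox.cc cannot fire from a gyp build, and overriding `linux_sandbox_chrome_path` with an empty value would compile `kChromeBinary` as `""`. Putting the define inside a `conditions` entry keyed on `linux_sandbox_chrome_path != ""` would let the compile-time check catch a missing path for the `Path` restriction.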