Diffstat (limited to 'content')
-rw-r--r--content/common/sandbox_policy.cc12
-rw-r--r--content/public/common/sandbox_init.h9
2 files changed, 21 insertions, 0 deletions
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc
index 756da45..a4b182e 100644
--- a/content/common/sandbox_policy.cc
+++ b/content/common/sandbox_policy.cc
@@ -407,6 +407,14 @@ bool AddPolicyForRenderer(sandbox::TargetPolicy* policy) {
if (result != sandbox::SBOX_ALL_OK)
return false;
+ // Renderers need to send named pipe handles and shared memory
+ // segment handles to NaCl loader processes.
+ result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
+ sandbox::TargetPolicy::HANDLES_DUP_ANY,
+ L"File");
+ if (result != sandbox::SBOX_ALL_OK)
+ return false;
+
policy->SetJobLevel(sandbox::JOB_LOCKDOWN, 0);
sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED;
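Review bot: The new rule in AddPolicyForRenderer grants `HANDLES_DUP_ANY` on the `L"File"` object type to every renderer, which is wider than the need the comment states (named pipe and shared memory handles for NaCl loaders). `L"File"` presumably matches ordinary file handles as well as pipes, and shared memory handles are normally `Section` objects, so the comment and the rule may not describe the same set of handles; it is worth confirming which types are actually duplicated. I would record the trust decision next to the rule, for example `// SECURITY: lets a renderer ask the broker to duplicate any File-type handle it holds into another target or peer process; keep this as narrow as the NaCl IPC path allows.` The function body starts and ends outside this hunk.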
@@ -696,4 +704,8 @@ bool BrokerDuplicateHandle(HANDLE source_handle,
return false;
}
+bool BrokerAddTargetPeer(HANDLE peer_process) {
+ return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK;
+}
+
} // namespace content
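Review bot: `BrokerAddTargetPeer` dereferences `g_broker_services` without checking it, so a call made before broker initialization, or from a process that has no broker (where the global is presumably null), would crash instead of returning false. A guard keeps the true/false contract the header comment promises: `if (!g_broker_services || !peer_process) return false;`. The initialization of `g_broker_services` is outside this hunk, so confirm whether every caller is guaranteed to run in the broker process; if it is, a `DCHECK(g_broker_services);` states that assumption explicitly.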
diff --git a/content/public/common/sandbox_init.h b/content/public/common/sandbox_init.h
index 8952323..24da5a9 100644
--- a/content/public/common/sandbox_init.h
+++ b/content/public/common/sandbox_init.h
@@ -42,6 +42,15 @@ CONTENT_EXPORT bool BrokerDuplicateHandle(HANDLE source_handle,
DWORD desired_access,
DWORD options);
+// Inform the current process's sandbox broker (e.g. the broker for
+// 32-bit processes) about a process created under a different sandbox
+// broker (e.g. the broker for 64-bit processes). This allows
+// BrokerDuplicateHandle() to send handles to a process managed by
+// another broker. For example, it allows the 32-bit renderer to send
+// handles to 64-bit NaCl processes. This returns true on success,
+// false otherwise.
+CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process);
+
#elif defined(OS_MACOSX)
// Initialize the sandbox of the given |sandbox_type|, optionally specifying a