summaryrefslogtreecommitdiffstats
path: root/chrome/common/sandbox_policy.cc
Commit message (Collapse)AuthorAgeFilesLines
* Added group policy for disabling all client-side 3D APIs in Chromiumkbr@chromium.org2010-12-201-1/+2
| | | | | | | | | | | | | | | | | | | | | (in particular, WebGL and Pepper 3D). This has been hooked up through a new command-line argument (--disable-3d-apis) orthogonal to the existing ones, so that further changes to those command line arguments will not accidentally regress the group policy support. Tested in the following ways: - Verified that --disable-3d-apis disables WebGL and Pepper 3D support on Mac OS X. - Verified that specifying the Disable3DAPIs policy via a JSON file disables WebGL on Linux. - Ran unit_tests and verified that there were no failures introduced. BUG=64806 TEST=ConfigurationPolicyPrefStoreBooleanTest Review URL: http://codereview.chromium.org/5991003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69753 0039d316-1c4b-4281-b951-d872f2087c98
* windows: remove PathService::Get() that uses wstringsevan@chromium.org2010-11-301-11/+11
| | | | | | | | | | This just required fixing the remaining callers. BUG=24672 Review URL: http://codereview.chromium.org/5356008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@67783 0039d316-1c4b-4281-b951-d872f2087c98
* Fix for lingering flash broker processescpu@chromium.org2010-11-171-0/+18
| | | | | | | | | | | - Block chrome uninstallation until next reboot. BUG=63345 TES=see bug. Review URL: http://codereview.chromium.org/5134003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@66526 0039d316-1c4b-4281-b951-d872f2087c98
* Enable sandboxed flash on windows by default.cpu@chromium.org2010-11-131-16/+48
| | | | | | | | | | | | | | It requires flash 10.1.103.19 or better, the current flash in trunk is 10.1.103.20 so we are fine. BUG=50796 TEST=see bug Review URL: http://codereview.chromium.org/4870001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@66022 0039d316-1c4b-4281-b951-d872f2087c98
* Implement a new process type for running PPAPI plugins. The process itself isbrettw@chromium.org2010-11-101-0/+2
| | | | | | | | | | | | | | | quite simple and just sets up the PPAPI dispatcher and loads the library. There is a new command line switch --ppapi-out-of-process which runs PPAPI plugins out of process using the new code path. There is some logic in RenderView and PepperPluginModule for setting up this connection, but it should be straightforward. TEST=none BUG=none Review URL: http://codereview.chromium.org/3915002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65614 0039d316-1c4b-4281-b951-d872f2087c98
* chrome/common: Append base:: in the StringPrintf calls.tfarina@chromium.org2010-10-311-1/+1
| | | | | | | | | | | (Note: This is a TODO in string_util.h) BUG=None TEST=trybots Review URL: http://codereview.chromium.org/4111011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64567 0039d316-1c4b-4281-b951-d872f2087c98
* Move debug-related stuff from base to the base/debug directory and use thebrettw@chromium.org2010-10-261-3/+3
| | | | | | | | | | | | | | | | base::debug namespace. This splits apart debug_util into base/debugger and base/stack_trace There are still two functions in debug_util that I'm not sure what to do with. Since this uses the base::debug namespace, I removed the functions in debugger.h from the static class and just made them free functions in the namespace. TEST=it compiles BUG=none Review URL: http://codereview.chromium.org/3945002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63859 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 63535 - Disable GPU features AcceleratingCompositing and WebGL by ↵enne@chromium.org2010-10-221-1/+1
| | | | | | | | | | | | | | | | | | default. (This change got checked into trunk only to get merged into M8.) Flags have been switched to reversed logic, and about_flags.cc modified to expose these to users in GUI. BUG=56053, 59092 TEST=Use about:flags to toggle features, confirm state with e.g. http://webglsamples.googlecode.com/hg/aquarium/aquarium.html http://webkit.org/blog-files/3d-transforms/poster-circle.html Vince's change for about:flags. Review URL: http://codereview.chromium.org/3978002 TBR=vangelis@chromium.org Review URL: http://codereview.chromium.org/3974004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63547 0039d316-1c4b-4281-b951-d872f2087c98
* Disable GPU features AcceleratingCompositing and WebGL by default.enne@chromium.org2010-10-221-1/+1
| | | | | | | | | | | Flags have been switched to reversed logic, and about_flags.cc modified to expose these to users in GUI. BUG=56053, 59092 TEST=Use about:flags to toggle features, confirm state with e.g. http://webglsamples.googlecode.com/hg/aquarium/aquarium.html http://webkit.org/blog-files/3d-transforms/poster-circle.html Vince's change for about:flags. Review URL: http://codereview.chromium.org/3978002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63535 0039d316-1c4b-4281-b951-d872f2087c98
* Convert LOG(INFO) to VLOG(1) - chrome/common/.pkasting@chromium.org2010-10-221-1/+1
| | | | | | | | | | | | This also removes LOG_RESOURCE_REQUESTS and all associated code. Also remove some "using"s, fix non-const ref (style violation), remove some "else" after "return", and remove some extra {}s. BUG=none TEST=none Review URL: http://codereview.chromium.org/3941001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63462 0039d316-1c4b-4281-b951-d872f2087c98
* Move windows version-related stuff out of base/win_util and into ↵brettw@chromium.org2010-10-151-5/+5
| | | | | | | | | | | | | | base/win/windows_version. Many files now only need to include this instead of all of win_util. Remove a bunch of unused code from base/win_util. There was a surprising amount. Replace the AppUserModel property key with the one from the SDK now that we use the Win7 SDK. Move GetLogonSessionOnlyDACL from win_util to ipc since it's only used in that one place. TEST=it compiles BUG=none Review URL: http://codereview.chromium.org/3823002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62694 0039d316-1c4b-4281-b951-d872f2087c98
* CommandLine: remove wstring-based program() accessorevan@chromium.org2010-10-141-1/+1
| | | | | | | | | | | | | | This was already removed on non-Windows, so this change modifies the remaining Windows-specific usage. In a few places I converted use of wstring paths into FilePath, but in general for Windows-specific code I don't think it's too important to use FilePath everywhere, because it is equivalent on Windows and the current code already works. BUG=23581 Review URL: http://codereview.chromium.org/3817001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@62637 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox built-in flash player. Spawn brokercpu@chromium.org2010-09-211-10/+44
| | | | | | | | | | | | | | - Now is chrome duty to spawn flash broker. Flash cannot do it by itself on XP The flash broker is hosted in rundll32.exe. An extra switch is added to the command line of the plug-in process so flash player can contact its broker. BUG=50796 TEST=see bug for testing info Review URL: http://codereview.chromium.org/3432014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60018 0039d316-1c4b-4281-b951-d872f2087c98
* Enable webgl and accelerated compositing by default on all platforms. Removesvangelis@chromium.org2010-09-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | --enable-webgl and --enable-accelerated-compositing flags and replaces them by --disable-webgl and --disable-accelerated-compositing. This CL is practically identical to: http://src.chromium.org/viewvc/chrome?view=rev&revision=58711 which was checked in the later reverted in: http://src.chromium.org/viewvc/chrome?view=rev&revision=58730 due to UI test failures related to video playback via the compositor. The main difference is that mac is no longer excluded so the two features are now turned on on all 3 platforms. The issue with the failing UI tests was corrected upstream in WebKit: http://trac.webkit.org/changeset/66923 so this WebKit change must be rolled in before the chromium change lands. BUG=54469 TEST=NONE Review URL: http://codereview.chromium.org/3348012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58792 0039d316-1c4b-4281-b951-d872f2087c98
* Back out r58711. It appears to have caused video/media-related ui_testsmark@chromium.org2010-09-071-1/+1
| | | | | | | | | | | | | | | | failures on Windows: MediaTest.VideoBearTheora MediaTest.VideoBearSilentTheora MediaTest.VideoBearWebm MediaTest.VideoBearSilentWebm UILayoutTest.MediaUILayoutTest BUG=54469 TEST=tree Review URL: http://codereview.chromium.org/3333019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58730 0039d316-1c4b-4281-b951-d872f2087c98
* Turning WebGL and the accelerated compositor on by default (linux and ↵vangelis@chromium.org2010-09-071-1/+1
| | | | | | | | | | | windows only for the compositor), removing the --enable-webgl flag and adding --disable-webgl and --disable-accelerated-compositing. On the mac --enable-accelerated-compositing still needs to be supplied to enable the compositor. BUG=54469 Review URL: http://codereview.chromium.org/3342016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58711 0039d316-1c4b-4281-b951-d872f2087c98
* Sandboxing built-in flashcpu@chromium.org2010-08-301-9/+9
| | | | | | | | | | | | | | | This is the last change needed to have an experimental sandboxed flash for windows - Adds an export so flash can lower the token - Thightents the policy a bit - Sets a separate flash data directory. BUG=50796 TES=see bug Review URL: http://codereview.chromium.org/3245006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57899 0039d316-1c4b-4281-b951-d872f2087c98
* CommandLine: eliminate wstring-accepting AppendLooseValueevan@chromium.org2010-08-131-1/+1
| | | | | | | | Instead use AppendArg variants which accept a FilePath or an ASCII string. Review URL: http://codereview.chromium.org/3134008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56100 0039d316-1c4b-4281-b951-d872f2087c98
* Added event traces at various points during Chrome and ChromeFrame startup ↵ananta@chromium.org2010-08-111-0/+7
| | | | | | | | | | to help measure and track performance. Bug=51638 Review URL: http://codereview.chromium.org/3152001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55671 0039d316-1c4b-4281-b951-d872f2087c98
* Remove GetSwitchValue() from chrome/* where easy.evan@chromium.org2010-08-061-2/+2
| | | | | | Review URL: http://codereview.chromium.org/3057033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55176 0039d316-1c4b-4281-b951-d872f2087c98
* FBTF: Remove unneeded headers from base/ (part 1)thestig@chromium.org2010-08-051-1/+0
| | | | | | | | BUG=none TEST=none Review URL: http://codereview.chromium.org/3071012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55034 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Remove GetSwitchValue() from chrome/* where easy."evan@chromium.org2010-08-041-2/+2
| | | | | | | | This reverts commit r54966. Meant to try it, not commit it, sorry everyone. :( git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54969 0039d316-1c4b-4281-b951-d872f2087c98
* Remove GetSwitchValue() from chrome/* where easy.evan@chromium.org2010-08-041-2/+2
| | | | | | Review URL: http://codereview.chromium.org/3057033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54966 0039d316-1c4b-4281-b951-d872f2087c98
* Start of a more restricitve sandbox policy for flash on windowscpu@chromium.org2010-08-021-0/+44
| | | | | | | | | | | | | | - This only works with --safe-plugins and the built-in-flash - Removing all file IO BUG=50796 TEST= use --safe-plugins and observe flash still works (for most sites) Review URL: http://codereview.chromium.org/3043039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54626 0039d316-1c4b-4281-b951-d872f2087c98
* Convert a bunch of easy AppendSwitchWithValue to *ASCII.evan@chromium.org2010-07-301-1/+1
| | | | | | | | | For this patch, I skipped over any instance where it wasn't a nearly trivial change. Review URL: http://codereview.chromium.org/3069014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@54285 0039d316-1c4b-4281-b951-d872f2087c98
* Cold startup performance boost by enabling prefetch hints on Windowsamit@chromium.org2010-06-281-0/+5
| | | | | | | | | | | | | | | | | | | | | | A prefetch file is automatically generated by recording hard page faults during process startup. It's used to speed up the process startup the next time by prefetching those pages. By default, one prefetch file is maintained per exe. Since chrome.exe is launched in different modes (browser, renderer, plugin etc.), we want different prefetch profiles per process type. This is achieved by appending a '/Prefetch:<integer type>' on the command line. This has shown a 20% improvement in cold startup in ChromeFrameStartupTestActiveX.PerfCold on XP, will watch perf dashboards improvements. TEST=none BUG=44129 Review URL: http://codereview.chromium.org/2810033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@51006 0039d316-1c4b-4281-b951-d872f2087c98
* Cleanup: Remove some unneeded webkit/glue headers from chrome.thestig@chromium.org2010-06-231-3/+4
| | | | | | | | BUG=46666 TEST=none Review URL: http://codereview.chromium.org/2850021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50562 0039d316-1c4b-4281-b951-d872f2087c98
* Allow creation of chrome.nacl.* pipes on all Windows systems.gregoryd@google.com2010-06-071-23/+5
| | | | | | | It used to work without changing the policy on older 32-bit systems (XP, Vista) but was blocked on Windows 7, so we need to add it to the policy. Review URL: http://codereview.chromium.org/2472005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49098 0039d316-1c4b-4281-b951-d872f2087c98
* Added --in-process-webgl command line argument to select the WebGLkbr@google.com2010-04-161-0/+5
| | | | | | | | | | | | | | implementation which runs in process rather than making the decision based on the presence of --no-sandbox. Made this argument implicitly disable the sandbox. Added it as an unsupported command line argument so it pops up the infobar. BUG=39721 TEST=ran WebGL demos on Mac and Windows with and without --in-process-webgl Review URL: http://codereview.chromium.org/1599034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44729 0039d316-1c4b-4281-b951-d872f2087c98
* Split GpuProcessHost into GpuProcessHostUIShim, which runs on the UIkbr@google.com2010-03-301-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | thread, and GpuProcessHost, which now runs on the IO thread and derives from ChildProcessHost. This split was necessary in order to service synchronous messages from the renderer process. Moved message handlers for GPU messages from renderer to browser from BrowserRenderProcessHost to ResourceMessageFilter. Stopped sending multiple ViewHostMsg_EstablishGpuChannel messages from the same renderer if the connection was already established. Resetting the channel was causing failures in Send, and every other page reload containing WebGL content to fail. This cleanup will allow further simplification in the GPU process, but this is being left for a subsequent CL. Fixed bug in sandboxing of GPU process. Fixed latent bugs in cleanup code in GpuChannel and GpuChannelHost. Fixed crashes in ChildProcessHost if resource_dispatcher_host_ was NULL. Fixed apparent latent race conditions in creation of BackingStoreProxy and VideoLayerProxy. With these changes, WebGL content is running in the sandbox on both Mac and Windows. Linux support will be added in a following CL. BUG=29120 TEST=ran WebGL demos on Mac and Windows Review URL: http://codereview.chromium.org/1546001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43029 0039d316-1c4b-4281-b951-d872f2087c98
* Integrate Chrome sandbox changes with NaCl (add Win64 support)gregoryd@google.com2010-03-241-1/+24
| | | | | | | | | Two significant changes: - Explicitly allow processes to act as servers for named pipes for pipes with chrome.nacl prefix. This worked implicitly on Win32 but doesn't on Win64. - NaCl broker process does not run in the sandbox (by design) Review URL: http://codereview.chromium.org/1098009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42552 0039d316-1c4b-4281-b951-d872f2087c98
* Final removal of the bad dependency of chrome/common on chrome/browserphajdan.jr@chromium.org2010-03-101-19/+13
| | | | | | | | | | | Also convert app/gtk_dnd_util.h from a class to a namespace for consistency with added app/gtk_util.h. TEST=none BUG=none Review URL: http://codereview.chromium.org/669268 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@41177 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the broker process that launches NaCl loader processes on 64-bit ↵gregoryd@google.com2010-02-011-3/+17
| | | | | | | | | | | | Windows systems. BUG=28176 TEST=none Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=37578 Review URL: http://codereview.chromium.org/542030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37720 0039d316-1c4b-4281-b951-d872f2087c98
* Make acrobat work with --safe-plugins by giving it write accessnsylvain@chromium.org2010-02-011-24/+54
| | | | | | | | | | | | | | | to HKCU\Software\Adobe. Since we already have write access to HKCU\Software\Macromedia, I don't believe this is making it less secure than it actually is. We also give it write access to AppData\Adobe. Finally, we also need to let it do a directory listing in c:\users\<user> and c:\users\<user>\AppData, otherwise it crashes. Review URL: http://codereview.chromium.org/554095 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37719 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 37578 - Implement the broker process that launches NaCl loader ↵gregoryd@google.com2010-01-301-17/+3
| | | | | | | | | | | | processes on 64bit Windows systems. BUG=28176 TEST=none Review URL: http://codereview.chromium.org/542030 TBR=gregoryd@google.com git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37580 0039d316-1c4b-4281-b951-d872f2087c98
* Implement the broker process that launches NaCl loader processes on 64-bit ↵gregoryd@google.com2010-01-301-3/+17
| | | | | | | | | | Windows systems. BUG=28176 TEST=none Review URL: http://codereview.chromium.org/542030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37578 0039d316-1c4b-4281-b951-d872f2087c98
* Remove the StartProcess function since it's not used andnsylvain@chromium.org2010-01-281-4/+0
| | | | | | | | | it's confusing since we have another StartProcess function somewhere else in chrome. Review URL: http://codereview.chromium.org/548184 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@37432 0039d316-1c4b-4281-b951-d872f2087c98
* Moving sandbox_policy files into chrome/common .gregoryd@google.com2010-01-171-0/+452
In the next CL (http://codereview.chromium.org/542030/show) NaCl broker code will need to include sandbox_policy.h from chrome/nacl, and without this move check_deps test fails. TEST=none BUG=none Review URL: http://codereview.chromium.org/543042 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@36468 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-16 10:02:08 +0000