summaryrefslogtreecommitdiffstats
path: root/content/common/sandbox_init_linux.cc
Commit message (Expand)AuthorAgeFilesLines
* Linux: limit the address space size in sandbox initialization.jln@chromium.org2012-10-221-0/+3
* Linux: add a seccomp-bpf sandbox for renderersjln@chromium.org2012-08-301-9/+6
* Linux: return sandbox status in InitializeSandbox().jln@chromium.org2012-08-281-3/+6
* Clean up GPU process seccomp-bpf sandbox policies.jorgelo@chromium.org2012-08-071-1/+0
* Create a class for seccomp-bpf sandboxing in content.jln@chromium.org2012-08-021-544/+17
* Create a LinuxSandbox class.jln@chromium.org2012-08-021-18/+2
* Revert 149692 - Create a LinuxSandbox class.mazda@chromium.org2012-08-021-2/+18
* Create a LinuxSandbox class.jln@chromium.org2012-08-021-18/+2
* Linux: unify seccomp sandbox initializationjln@chromium.org2012-08-011-37/+62
* Tweak the GPU process sandbox to allow accelerated video decode.jorgelo@chromium.org2012-07-261-6/+37
* Remove the seccomp filter disable.jorgelo@chromium.org2012-07-231-14/+0
* Seccomp BPF sandbox: fix compilation on 32 bitsjln@chromium.org2012-07-181-0/+2
* Implement open() hook for GPU process.jorgelo@chromium.org2012-07-181-1/+86
* Add mknod* to the list of syscalls which use filesystem paths. mknod() hascevans@chromium.org2012-07-181-0/+2
* Use IsChromeOS() instead of ifdefjln@chromium.org2012-07-161-25/+34
* Linux: Unify InitializeSandbox between 32/64 bitsjln@chromium.org2012-07-131-56/+110
* Disable seccomp filter sandbox temporarily.jorgelo@chromium.org2012-07-121-0/+12
* Some GPU and Flash policy tweaks.cevans@chromium.org2012-07-031-0/+5
* Seccomp-BPF: switch from the old to the new APIjln@chromium.org2012-06-281-329/+223
* Log the activation of the seccomp filter sandbox to help eventual debugging.jorgelo@chromium.org2012-06-221-0/+7
* Linux BPF: always check for multiple threadsjln@chromium.org2012-06-191-10/+19
* Restrict ioctl() to return ENOTTY.jorgelo@chromium.org2012-06-161-2/+1
* Add ioctl() and dup() to Pepper Flash sandbox for Flash Access.jorgelo@chromium.org2012-06-151-0/+3
* Linux BPF sandbox: report process type on failurejln@chromium.org2012-06-131-3/+5
* Disable the seccomp filter GPU process sandbox by default on Chrome OS.jorgelo@chromium.org2012-06-121-2/+22
* Allow sys_time in the Pepper Flash syscall filter policy.jorgelo@chromium.org2012-06-111-0/+1
* Linux BPF sandbox: relax CheckSingleThreadedjln@chromium.org2012-06-011-5/+8
* Block ptrace (and ptrace-like) syscalls from the renderer and worker processs.cevans@chromium.org2012-06-011-8/+45
* Handle socket() more gracefully in the GPU policy.cevans@chromium.org2012-05-291-0/+1
* Fix Pepper Flash SIGSYS crash: recognize openat() and refactor ENOENT filesystemcevans@chromium.org2012-05-251-8/+28
* Sandbox policy fixes for all known remaining issues.cevans@chromium.org2012-05-221-4/+14
* Add a couple more syscalls for the Nvidia binary driver, based on a real-worldcevans@chromium.org2012-05-041-4/+11
* Policy tweaks to address syscall failures seen in 20.0.115.1cevans@chromium.org2012-04-301-0/+6
* Allow kill(self) for the GPU watchdog.cevans@chromium.org2012-04-201-6/+34
* Handle three syscalls seen so far in crash logs.cevans@chromium.org2012-04-191-1/+15
* Fix CHECK() loading Pepper Flash when inside the suid sandbox.cevans@chromium.org2012-04-181-3/+5
* Apply an initial seccomp filter policy for Pepper Flash.cevans@chromium.org2012-04-171-1/+55
* Add an initial Linux GPU sandbox using the seccomp filter framework.cevans@chromium.org2012-04-131-0/+263